arstechnica.com Open in urlscan Pro
18.188.231.255 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://arstechnica.com/security/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Effective URL:
https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Submission: On February 02 via api (February 2nd 2023, 2:11:58 pm UTC) from IN — Scanned from DE

Summary HTTP 134 Redirects Links 66 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 25 domains to perform 134 HTTP transactions. The main IP is 18.188.231.255, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is arstechnica.com. The Cisco Umbrella rank of the primary domain is 27176.
TLS certificate: Issued by Amazon on October 29th 2022. Valid for: a year.

This is the only time arstechnica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	18.188.231.255 18.188.231.255	16509 (AMAZON-02) (AMAZON-02)
21	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
9	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
2	18.66.23.213 18.66.23.213	16509 (AMAZON-02) (AMAZON-02)
1	172.64.151.162 172.64.151.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.203.125.127 23.203.125.127	16625 (AKAMAI-AS) (AKAMAI-AS)
6	23.203.125.62 23.203.125.62	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6813:d983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:400d:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:1b55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.224.52.77 3.224.52.77	14618 (AMAZON-AES) (AMAZON-AES)
1	52.222.139.61 52.222.139.61	16509 (AMAZON-02) (AMAZON-02)
3	13.224.189.89 13.224.189.89	16509 (AMAZON-02) (AMAZON-02)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
2	35.201.67.47 35.201.67.47	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:4032	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
1	13.42.74.150 13.42.74.150	16509 (AMAZON-02) (AMAZON-02)
1	151.101.64.239 151.101.64.239	54113 (FASTLY) (FASTLY)
1	18.165.205.133 18.165.205.133	16509 (AMAZON-02) (AMAZON-02)
2	34.197.246.141 34.197.246.141	14618 (AMAZON-AES) (AMAZON-AES)
42	65.9.58.187 65.9.58.187	16509 (AMAZON-02) (AMAZON-02)
1	199.232.18.132 199.232.18.132	54113 (FASTLY) (FASTLY)
2	52.94.243.89 52.94.243.89	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:80a::200a	15169 (GOOGLE) (GOOGLE)
3	13.32.11.75 13.32.11.75	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.191 64.202.112.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	23.62.221.169 23.62.221.169	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400d:80a::2006	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	52.20.148.9 52.20.148.9	14618 (AMAZON-AES) (AMAZON-AES)
5	18.66.15.86 18.66.15.86	16509 (AMAZON-02) (AMAZON-02)
134	36

2 18.188.231.255 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-188-231-255.us-east-2.compute.amazonaws.com

arstechnica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 205.234.175.175 (Cantonment, United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.arstechnica.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.23.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-213.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.125.127 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-127.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.203.125.62 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-62.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:d983 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.mediavoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
plugin.mediavoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1b55 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.224.52.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-52-77.compute-1.amazonaws.com

api.cnevids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-61.ams50.r.cloudfront.net

cdn.memo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.189.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-89.fra2.r.cloudfront.net

player.cnevids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.67.47 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4032 (United States)

ASN13335 (CLOUDFLARENET, US)

polarcdn-terrax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.42.74.150 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-74-150.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.239 (United States)

ASN54113 (FASTLY, US)

api.condenast.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.205.133 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-205-133.lhr50.r.cloudfront.net

z-na.associates-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.197.246.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-246-141.compute-1.amazonaws.com

elsa.memoinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 65.9.58.187 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-187.fra56.r.cloudfront.net

dwgyu36up6iuz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.18.132 (Vienna, Austria)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.243.89 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

assoc-na.associates-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.11.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-11-75.vie50.r.cloudfront.net

d2c8v52ll5s99u.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.62.221.169 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-221-169.deploy.static.akamaitechnologies.com

images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.148.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-148-9.compute-1.amazonaws.com

capture.condenastdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.15.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-86.vie50.r.cloudfront.net

dp8hsntg6do36.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	cloudfront.net dwgyu36up6iuz.cloudfront.net d2c8v52ll5s99u.cloudfront.net dp8hsntg6do36.cloudfront.net	2 MB
21	arstechnica.net cdn.arstechnica.net — Cisco Umbrella Rank: 45443	967 KB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 385	220 KB
8	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1279 widget-pixels.outbrain.com — Cisco Umbrella Rank: 3116 odb.outbrain.com — Cisco Umbrella Rank: 1529 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5415	117 KB
6	skimresources.com s.skimresources.com — Cisco Umbrella Rank: 3360 r.skimresources.com — Cisco Umbrella Rank: 3230 t.skimresources.com — Cisco Umbrella Rank: 3375 p.skimresources.com — Cisco Umbrella Rank: 4358	15 KB
5	cnevids.com api.cnevids.com — Cisco Umbrella Rank: 94382 player.cnevids.com — Cisco Umbrella Rank: 18493	74 KB
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 432	375 KB
3	associates-amazon.com z-na.associates-amazon.com — Cisco Umbrella Rank: 7790 assoc-na.associates-amazon.com — Cisco Umbrella Rank: 3005	4 KB
3	moatads.com z.moatads.com — Cisco Umbrella Rank: 428 mb.moatads.com — Cisco Umbrella Rank: 722 px.moatads.com — Cisco Umbrella Rank: 520	78 KB
2	outbrainimg.com images.outbrainimg.com — Cisco Umbrella Rank: 2217	525 KB
2	memoinsights.com elsa.memoinsights.com — Cisco Umbrella Rank: 28995	1 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190	132 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 630	564 B
2	mediavoice.com cdn.mediavoice.com — Cisco Umbrella Rank: 52763 plugin.mediavoice.com — Cisco Umbrella Rank: 38969	140 KB
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 291	50 KB
2	arstechnica.com 1 redirects arstechnica.com — Cisco Umbrella Rank: 27176	18 KB
1	condenastdigital.com capture.condenastdigital.com — Cisco Umbrella Rank: 16665	48 B
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	28 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 283	17 KB
1	condenast.io api.condenast.io — Cisco Umbrella Rank: 25198	4 KB
1	polarcdn-terrax.com polarcdn-terrax.com — Cisco Umbrella Rank: 9294	438 B
1	memo.co cdn.memo.co — Cisco Umbrella Rank: 35442	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	128 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 577	15 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	27 KB
134	25

	Domain	Requested by
42	dwgyu36up6iuz.cloudfront.net	arstechnica.com d2c8v52ll5s99u.cloudfront.net
21	cdn.arstechnica.net	arstechnica.com cdn.arstechnica.net
9	cdn.cookielaw.org	arstechnica.com cdn.cookielaw.org
5	dp8hsntg6do36.cloudfront.net	arstechnica.com d2c8v52ll5s99u.cloudfront.net
5	widgets.outbrain.com	arstechnica.com widgets.outbrain.com
3	d2c8v52ll5s99u.cloudfront.net	player.cnevids.com d2c8v52ll5s99u.cloudfront.net
3	imasdk.googleapis.com	player.cnevids.com imasdk.googleapis.com
3	player.cnevids.com	arstechnica.com cdn.arstechnica.net player.cnevids.com
2	images.outbrainimg.com	arstechnica.com
2	assoc-na.associates-amazon.com	z-na.associates-amazon.com
2	elsa.memoinsights.com	cdn.memo.co
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	p.skimresources.com	arstechnica.com
2	t.skimresources.com	arstechnica.com s.skimresources.com
2	api.cnevids.com	cdn.arstechnica.net
2	geolocation.onetrust.com	cdn.cookielaw.org
2	c.amazon-adsystem.com	arstechnica.com c.amazon-adsystem.com
2	arstechnica.com	1 redirects
1	capture.condenastdigital.com	arstechnica.com
1	connect.facebook.net	d2c8v52ll5s99u.cloudfront.net
1	s0.2mdn.net	imasdk.googleapis.com
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	px.moatads.com	arstechnica.com
1	odb.outbrain.com	widgets.outbrain.com
1	z-na.associates-amazon.com	www.googletagmanager.com
1	api.condenast.io	player.cnevids.com
1	mb.moatads.com	z.moatads.com
1	widget-pixels.outbrain.com	arstechnica.com
1	polarcdn-terrax.com	cdn.mediavoice.com
1	plugin.mediavoice.com	cdn.mediavoice.com
1	r.skimresources.com	s.skimresources.com
1	cdn.memo.co	arstechnica.com
1	www.googletagmanager.com	arstechnica.com
1	s.skimresources.com	arstechnica.com
1	cdn.mediavoice.com	arstechnica.com
1	z.moatads.com	arstechnica.com
1	js-sec.indexww.com	arstechnica.com
1	www.googletagservices.com	arstechnica.com
134	38

This site contains links to these domains. Also see Links.

Domain
video.arstechnica.com
www.condenast.com
www.facebook.com
twitter.com
www.reddit.com
labs.bitdefender.com
www.obdev.at
blog.malwarebytes.com
github.com
www.welivesecurity.com
en.wikipedia.org
www.cybereason.com
www.arstechnica.com
www.heraldweekly.com
taongafarm.com
shefence-citional.com
www.clicktraceclick.com
safesly.com
www.outbrain.com
condenast.com

Subject Issuer	Validity	Valid
*.arstechnica.com Amazon	`2022-10-29` - `2023-11-26`	a year	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2022-11-01` - `2023-12-03`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-06` - `2023-10-05`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.skimresources.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-25` - `2023-11-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
cnevideos.com Amazon	`2022-12-01` - `2023-12-29`	a year	crt.sh
memo.co Amazon	`2022-04-27` - `2023-05-26`	a year	crt.sh
*.cnevids.com Amazon	`2022-09-03` - `2023-10-01`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
condenast.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-02` - `2023-10-04`	a year	crt.sh
assoc-na.associates-amazon.com Amazon	`2022-06-18` - `2023-06-17`	a year	crt.sh
memoinsights.com Amazon	`2022-04-27` - `2023-05-26`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-11` - `2023-02-09`	3 months	crt.sh
conde.io Amazon	`2022-07-06` - `2023-08-03`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Frame ID: 5F1C163418BA2626DC86F318355C82D6
Requests: 122 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.7739944994864145
Frame ID: 06113DEBBAFC5C71B89EF46E7BB94243
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: C41959ECD1D2802F8B3ED80E5EEA2FE0
Requests: 19 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html
Frame ID: 3BA9AD524647614F632DB3612A94F7C0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

After hiatus, in-the-wild Mac backdoors are suddenly back | Ars Technica

Page URL History Show full URLs

https://arstechnica.com/security/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/ HTTP 301
https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-su... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Page Statistics

134
Requests

97 %
HTTPS

29 %
IPv6

25
Domains

38
Subdomains

36
IPs

5
Countries

4713 kB
Transfer

12242 kB
Size

11
Cookies

66 Outgoing links

These are links going to different origins than the main page.

URL: http://video.arstechnica.com/
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.condenast.com/brands/ars-technica
Title: Advertise with Ars

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Farstechnica.com%2F%3Fpost_type%3Dpost%26p%3D919431
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=After+hiatus%2C+in-the-wild+Mac+backdoors+are+suddenly+back&url=https%3A%2F%2Farstechnica.com%2F%3Fpost_type%3Dpost%26p%3D919431
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Farstechnica.com%2F%3Fpost_type%3Dpost%26p%3D919431&title=After+hiatus%2C+in-the-wild+Mac+backdoors+are+suddenly+back
Title: Share on Reddit

Search URL Search Domain Scan URL

URL: https://labs.bitdefender.com/2016/07/new-mac-backdoor-nukes-os-x-systems/
Title: blog post published Wednesday

Search URL Search Domain Scan URL

URL: https://www.obdev.at/products/littlesnitch
Title: Little Snitch

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/malwarebytes-news/2016/07/new-mac-backdoor-malware-eleanor/
Title: own Wednesday blog post

Search URL Search Domain Scan URL

URL: https://github.com/juuso/keychaindump
Title: Keychaindump

Search URL Search Domain Scan URL

URL: http://www.welivesecurity.com/2016/07/06/new-osxkeydnap-malware-hungry-credentials/
Title: disclosed the new malicious app

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Mach-O
Title: Mach-O executable

Search URL Search Domain Scan URL

URL: http://www.cybereason.com/osx-pirrit-what-adware-that-just-displays-ads-means-for-mac-os-x-security/
Title: report published Wednesday

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Gatekeeper_%28OS_X%29
Title: Gatekeeper

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/unsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario
Title: Unsolved Mysteries Of Quantum Leap With Donald P. Bellisario

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/unsolved-mysteries-unsolved-mysteries-of-warhammer-40k-with-author-dan-abnett
Title: Unsolved Mysteries Of Warhammer 40K With Author Dan Abnett

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/sitrep-f-16-replacement-search-a-signal-of-f-35-fail
Title: SITREP: F-16 replacement search a signal of F-35 fail?

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/sitrep-boeing-707
Title: Sitrep: Boeing 707

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/personal-history-steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube
Title: Steve Burke of GamersNexus Reacts To Their Top 1000 Comments On YouTube

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/modern-vintage-gamer-reacts-to-his-top-1000-comments-on-youtube
Title: Modern Vintage Gamer Reacts To His Top 1000 Comments On YouTube

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-the-nes-conquered-a-skeptical-america-in-1985
Title: How The NES Conquered A Skeptical America In 1985

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/scott-manley-reacts-to-his-top-1000-youtube-comments
Title: Scott Manley Reacts To His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/how-immersive-stories-deepen-the-horror-of-games-like-soma-and-amnesiac-rebirth
Title: How Horror Works in Amnesia: Rebirth, Soma and Amnesia: The Dark Descent

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/lgrs-clint-basinger-reacts-to-his-top-1000-youtube-comments
Title: LGR's Clint Basinger Reacts To His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/the-f-35-s-next-tech-upgrade
Title: The F-35's next tech upgrade

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-one-gameplay-decision-changed-diablo-forever
Title: How One Gameplay Decision Changed Diablo Forever

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/unsolved-mysteries-unsolved-mysteries-mortal-kombat
Title: Unsolved Mortal Kombat Mysteries With Dominic Cianciolo From NetherRealm Studios

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/us-navy-gets-an-italian-accent
Title: US Navy Gets an Italian Accent

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-amazons-undone-brought-dreams-to-life-through-rotoscope-and-oil-paints
Title: How Amazon’s “Undone” Animates Dreams With Rotoscoping And Oil Paints

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit
Title: Fighter Pilot Breaks Down Every Button in an F-15 Cockpit

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-nba-jam-became-a-billion-dollar-slam-dunk
Title: How NBA JAM Became A Billion-Dollar Slam Dunk

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/linus-tech-tips-reacts-to-his-top-1000-youtube-comments
Title: Linus "Tech Tips" Sebastian Reacts to His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-alan-wake-was-rebuilt-3-years-into-development
Title: How Alan Wake Was Rebuilt 3 Years Into Development

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-prince-of-persia-defeated-apple-ii-s-memory-limitations
Title: How Prince of Persia Defeated Apple II's Memory Limitations

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-crash-bandicoot-hacked-the-playstation-to-run
Title: How Crash Bandicoot Hacked The Original Playstation

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-myst
Title: Myst: The challenges of CD-ROM | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/markiplier-reacts-to-his-top-1000-youtube-comments
Title: Markiplier Reacts To His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-the-evolution-of-oddworld-and-what-comes-next
Title: How Mind Control Saved Oddworld: Abe's Oddysee

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/unsolved-mysteries-bioware-answers-unsolved-mysteries-of-the-mass-effect-universe
Title: Bioware answers unsolved mysteries of the Mass Effect universe

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-civilization
Title: Civilization: It's good to take turns | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/sitrep-dod-resets-ballistic-missile-interceptor-program
Title: SITREP: DOD Resets Ballistic Missile Interceptor program

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/warframe-s-rebecca-ford-reviews-your-characters
Title: Warframe's Rebecca Ford reviews your characters

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-subnautica
Title: Subnautica: A world without guns | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-slay-the-spire-war-stories
Title: How Slay the Spire’s Original Interface Almost Killed the Game | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-amnesia-the-dark-descent-the-horror-facade
Title: Amnesia: The Dark Descent - The horror facade | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-c-and-c-tiberian-sun
Title: Command & Conquer: Tiberian Sun | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-blade-runner-skinjobs-voxels-and-future-noir
Title: Blade Runner: Skinjobs, voxels, and future noir | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-dead-space-the-drag-tentacle
Title: Dead Space: The Drag Tentacle | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/teach-the-controversy-flat-earthers
Title: Teach the Controversy: Flat Earthers

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-gets-a-crucial-green-light
Title: Delta V: The Burgeoning World of Small Rockets, Paul Allen's Huge Plane, and SpaceX Gets a Crucial Green-light

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/chris-hadfield-explains-his-space-oddity-video
Title: Chris Hadfield explains his 'Space Oddity' video

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/apollo-the-greatest-leap-episode-1-risk
Title: The Greatest Leap, Episode 1: Risk

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-ultima-online-the-virtual-ecology
Title: Ultima Online: The Virtual Ecology | War Stories

Search URL Search Domain Scan URL

URL: https://video.arstechnica.com/
Title: More videos

Search URL Search Domain Scan URL

URL: https://www.heraldweekly.com/the-best-worst-met-gala-attire-over-the-years-part2/?utm_medium=outbrain&utm_source=1736&utm_campaign=230115123738931x0xchedg_00c481bd5a8949a425bfa6ada3b868500e&utm_term=$origpubname$_$origsrcname$_$section_id$&utm_content=%5BGalerie%5D+The+Most+Inappropriate+Dress+on+The+Met+Gala+Red+Carpet&cpc=$cpc$&obOrigUrl=true
Title: [Galerie] The Most Inappropriate Dress on The Met Gala Red Carpet HeraldWeekly

Search URL Search Domain Scan URL

URL: https://taongafarm.com/de/landings/gp/26/?ref=W_300123_DACH_Video_Auto_RegLvl8Purchase_All_Broad_NM&mng=NM&utm_campaign=W_300123_DACH_Video_Auto_RegLvl8Purchase_All_Broad_NM&cc=008393ae3109c19f0040c04a5c5dd1b139&utm_source=outbrain&utm_medium=display&utm_term=$publisher_name$_$publisher_id$_$section_name$_$section_id$&utm_content=0061240494476dce576c3a53dda23faeec&obOrigUrl=true
Title: Wenn Sie über 30 sind, macht dieses Spiel süchtig. Keine Installation nötig Taonga: Die Inselfarm

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/05b647a3-ac78-48c2-9dbb-31cddb69ab67?utm_source=ob&utm_campaign=GutDE_DesktoptCPA_2309&utm_term=$section_name$&utm_content=00838a7a749ba884d2c0e5fb2b42536340-Darm-Arzt%3A+Ich+flehe+alle+Deutschen+an%2C+ihren+Darm+mit+diesem+Tipp+dur&t=$ob_click_id$&a=ob&obOrigUrl=true
Title: Darm-Arzt: Ich flehe alle Deutschen an, ihren Darm mit diesem Tipp durchzuspülen (jeden Morgen) gesundheitdarm.com

Search URL Search Domain Scan URL

URL: https://www.clicktraceclick.com/68187655-3b6a-4666-9d4d-ddb587c2a73d?sectionid=$section_id$&sectionname=$section_name$&publisherid=$publisher_id$&publishername=$publisher_name$&adtitle=Kaufen+Sie+keinen+neuen+PC.+Erst+lesen.+%28Jetzt%29&OutbrainClickId=$ob_click_id$&obOrigUrl=true
Title: Kaufen Sie keinen neuen PC. Erst lesen. (Jetzt) Sicherheitstechnische Tipps

Search URL Search Domain Scan URL

URL: https://safesly.com/b2d88469-67aa-4f3b-b1fb-7975b9cbc294?Campaign=6H_DE_Desktop_Solaranlagen_/v28&AdID=00e9e1eeace8210dc30de7ad6bf810cb81&PubID=$publisher_id$&PubName=$publisher_name$&SectionID=$section_id$&SectionName=$section_name$&SourceID=$source_id$&Headline=Solar-Boom+2023%3A+Staat+gibt+jetzt+unfassbaren+Anreiz&OutbrainClickId=$ob_click_id$&conversionname=6HPV&obOrigUrl=true
Title: Solar-Boom 2023: Staat gibt jetzt unfassbaren Anreiz Vergleich Profis24

Search URL Search Domain Scan URL

URL: https://www.heraldweekly.com/hilarious-t-shirts-embarrassing-to-them-funny-to-us/?utm_medium=outbrain&utm_source=1734&utm_campaign=230110171620291x0xchrome_007b46edcfb54b4866cf5cb169adfc263c&utm_term=$origpubname$_$origsrcname$_$section_id$&utm_content=%5BGallery%5D+23+Hilarious+T-Shirts+That+Went+Too+Viral&cpc=$cpc$&obOrigUrl=true
Title: [Gallery] 23 Hilarious T-Shirts That Went Too Viral HeraldWeekly

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en
Title: Recommended by

Search URL Search Domain Scan URL

URL: http://condenast.com/

Search URL Search Domain Scan URL

URL: https://www.condenast.com/user-agreement/
Title: User Agreement

Search URL Search Domain Scan URL

URL: https://www.condenast.com/privacy-policy/
Title: Privacy Policy and Cookie Statement

Search URL Search Domain Scan URL

URL: https://www.condenast.com/privacy-policy/#california
Title: Your California Privacy Rights

Search URL Search Domain Scan URL

URL: https://www.condenast.com/online-behavioral-advertising-oba-and-how-to-opt-out-of-oba/#clickheretoreadmoreaboutonlinebehavioraladvertising(oba)
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://www.condenast.com/privacy-policy
Title: More information about your privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://arstechnica.com/security/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/ HTTP 301
https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

134 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Redirect Chain

https://arstechnica.com/security/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

53 KB
17 KB

474ms
474ms

Document
text/html

18.188.231.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.188.231.255 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-188-231-255.us-east-2.compute.amazonaws.com

Software

nginx/1.23.2 / PHP/8.1.14

Resource Hash

453c9b81e2ca20c285d3a1406ea41d72f3cca42ad9fc58b0c6c43fa64da55b8c

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 14:11:49 GMT
link: <https://arstechnica.com/wp-json/>; rel="https://api.w.org/" <https://arstechnica.com/wp-json/wp/v2/posts/919431>; rel="alternate"; type="application/json"
server: nginx/1.23.2
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.14
x-xss-protection: 1; mode=block

Redirect headers

content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 14:11:49 GMT
location: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
server: nginx/1.23.2
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.14
x-redirect-by: WordPress
x-xss-protection: 1; mode=block

GET
H2 200 main-c1868550f6.css
cdn.arstechnica.net/wp-content/themes/ars/assets/css/ 336 KB
71 KB 347ms
51ms Stylesheet
text/css 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: ef2ef4f0e453b0c430da6aca75ff768e3f95e45939c6668677e0b79ba15fee41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
x-cf-tsc: 1670967135
content-encoding: gzip
x-cf3: M
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: b3fc8445ff7af5840bb4f5325cf69e9b
content-length: 71877
x-cf2: H
last-modified: Tue, 13 Dec 2022 21:12:16 GMT
server: CFS 0215
x-cff: B
etag: W/"6398eab0-53ed1"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 0
accept-ranges: bytes
expires: Thu, 30 Mar 2023 14:11:50 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 25 KB
9 KB 319ms
29ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83f8393c6593831a76ea84324c946029082b5c72507176c13387468d21c651ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 Feb 2023 14:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 4ki7PtkHDuSPC1vGdOaknQ==
age: 51464
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8384
x-ms-lease-status: unlocked
last-modified: Tue, 31 Jan 2023 02:45:54 GMT
server: cloudflare
etag: 0x8DB033545CD6338
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bec856a9-201e-0167-71d1-352d14000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 793384ae4feb2bd9-FRA

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 320ms
31ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 Feb 2023 14:11:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 2827
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 00bc8f20-801e-016a-3f39-28c218000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 793384ae4fee2bd9-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 240ms
85ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c08471d744ad2863aea7c8c6413a59ca47b1d29a2bcea0a8cae39ee28f8de400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27561
x-xss-protection: 0
server: sffe
etag: "1470 / 776 of 1000 / last-modified: 1675339640"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Feb 2023 14:11:50 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 193 KB
47 KB 131ms
21ms Script
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc063466fc42fe1b789888a932cc7f3a8bdde1c2d70a8a04b4d9896975620da7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 13:33:24 GMT
content-encoding: gzip
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront), 1.1 0455d1ec539ef7b27f0e90c40cf5cc10.cloudfront.net (CloudFront)
last-modified: Wed, 01 Feb 2023 21:25:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, VIE50-P1
age: 2307
x-amz-server-side-encryption: AES256
etag: W/"a32dad266af898d87dd85cf65ca93536"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: Z71_TuZ1FBIhpTwuLRqU51W5VsWdNfTbtAeYLr3jWnLN42j6C2PEiA==

GET
H2 200 prebid.min.js Show response
cdn.arstechnica.net/cns/ 297 KB
95 KB 308ms
13ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1675347029
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 6f74204730db3b573745df85297ddfab4c34974f46406d1bb8691035c1687cef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Feb 2023 14:11:50 GMT
x-amz-version-id: RnPzwQ6WaaoO6Nj5enyT4qz6kmzAVgIv
content-encoding: gzip
x-cf-tsc: 1675347037
x-cf3: H
x-amz-request-id: 57T4QNFXX5S0MFYH
cf4ttl: 119.500
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: d455e3c4523c5e46d1c7299c24c83282
content-length: 96313
x-amz-id-2: kVipOiHPHinvEH7teo0crowxJSVeHePi5hg9CQ1GRAD4NAomMaq7tANzmcoMz4cY9CoRjizcuc4=
x-served-by: cache-cmh1290083-CMH
x-cf2: H
last-modified: Mon, 12 Dec 2022 16:28:49 GMT
server: CFS 0215
x-timer: S1675347032.161294,VS0,VE1
x-cff: B
etag: "c59f9831da8987be4cb2693255bb80cf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=120
cf4age: 7
accept-ranges: bytes
expires: Thu, 02 Feb 2023 14:13:50 GMT

GET
H2 200 183973-93942139695505.js Show response
js-sec.indexww.com/ht/p/ 43 KB
15 KB 83ms
34ms Script
text/javascript 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88082e2436305c53b9849eab602898e4d5b728b68c2439cbfad581846fd32cdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 14:01:36 GMT
server: cloudflare
age: 479
etag: W/"da4f1d-ada8-5f3b800d1b6af"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 793384af59409bd7-FRA
expires: Thu, 02 Feb 2023 18:11:50 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/condenastprebidheader987326845656/ 220 KB
78 KB 190ms
36ms Script
application/x-javascript 23.203.125.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-127.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 45a4411c6ab80a3d9e3b6b7a75bccc1619ac83f94767ba868d2234478834c8e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
content-encoding: gzip
last-modified: Tue, 31 Jan 2023 19:36:29 GMT
server: AmazonS3
x-amz-request-id: WH1DCWHY9H71NAQW
etag: "be169ee4259844f55234db7915b3d6be"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=49486
accept-ranges: bytes
content-length: 79043
x-amz-id-2: XNZmL3ASASLq8XZNhJN6+y3by5NXl++/gPetvDtNFz+owRmdg0P1q55gsiwE2KXqXZ+MjcE0ipE=

GET
H2 200 ars-technica.min.js Show response
cdn.arstechnica.net/cns/ 120 KB
39 KB 353ms
58ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1675347029
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 35e42bec2d0ab0cca4aef3e872157a05923e3644c94a5dce9d59853efff2f0bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Feb 2023 14:11:50 GMT
x-amz-version-id: DImnkCQlOSk8MlwvPRojJwh4EP8m4MKj
content-encoding: gzip
x-cf-tsc: 1675347036
x-cf3: H
x-amz-request-id: 57TFWMG0BRG6QJ1Q
cf4ttl: 119.500
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: afe7fe1d8ed1d0fb9762e4c60ef6e79f
content-length: 39466
x-amz-id-2: gWXwLzs0CIAN9/q0Maw2PPnvBdRM4/tYCA/IK40mrvqW7NRzzQ5U81FIvsepElRrIAjE8ZBrVTs=
x-served-by: cache-cmh1290063-CMH
x-cf2: H
last-modified: Tue, 24 Jan 2023 17:28:57 GMT
server: CFS 0215
x-timer: S1675347032.162298,VS0,VE1
x-cff: B
etag: "e91ac748cfbc59db20287f5983f8c81a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=120
cf4age: 5
accept-ranges: bytes
expires: Thu, 02 Feb 2023 14:13:50 GMT

GET
H2 200 ars-84a4ab0802.ads.us.js Show response
cdn.arstechnica.net/wp-content/themes/ars/assets/js/ 3 KB
1 KB 344ms
49ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/ars-84a4ab0802.ads.us.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 16708dda2536b4b3782313db4a6ec8456cd84da7ae0f56d7d2455e68fc9bc4f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
x-cf-tsc: 1668280769
content-encoding: gzip
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 3a749ac9df197fc522c7a6e586d75901
content-length: 1143
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: W/"636e9b18-bc0"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 46360
accept-ranges: bytes
expires: Thu, 30 Mar 2023 14:11:50 GMT

GET
H2 200 style.min.css
cdn.arstechnica.net/wp/wp-includes/css/dist/block-library/ 93 KB
15 KB 350ms
56ms Stylesheet
text/css 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
x-cf-tsc: 1669024230
content-encoding: gzip
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 3c493ec74cef1b9ee7b6bc2dfec7c0c8
content-length: 15480
x-cf2: H
last-modified: Tue, 15 Nov 2022 19:11:58 GMT
server: CFS 0215
x-cff: B
etag: W/"6373e47e-172a9"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 47193
accept-ranges: bytes
expires: Thu, 30 Mar 2023 14:11:50 GMT

GET
H2 200 comments.css
cdn.arstechnica.net/wp-content/plugins/article-forum-connect/public/css/ 4 KB
1 KB 352ms
58ms Stylesheet
text/css 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/plugins/article-forum-connect/public/css/comments.css?ver=1.1.8
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 2b966386db7e5598dc99aae1c9e22fc86b37017d7b99c4a8f0eb5b636bf52d5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
x-cf-tsc: 1674407028
content-encoding: gzip
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: cf50d45cf7e44443d8467aadf78f20d7
content-length: 1087
x-cf2: H
last-modified: Wed, 18 Jan 2023 20:47:48 GMT
server: CFS 0215
x-cff: B
etag: W/"63c85af4-10b7"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 0
accept-ranges: bytes
expires: Thu, 30 Mar 2023 14:11:50 GMT

GET
H2 200 mac_malware.png
cdn.arstechnica.net/wp-content/uploads/2009/03/ 225 KB
226 KB 18ms
16ms Image
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2009/03/mac_malware.png
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: ed5a229ceb5b2fcc5c9d0e24ad73dd14e476d9e11bc97cea9a31f5bb6dc98e81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
x-amz-version-id: null
x-cf-tsc: 1675347110
x-cf3: H
x-amz-request-id: NTKGM1X5AH7J4TM4
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1579817389:cacheN.fra2-01:M
x-cf-reqid: 5371e54c9605fda9a12d74e888f5c204
content-length: 230761
x-amz-id-2: doHFxK5p24zS8ena6IAYsvbyL7cnStYmSR7T6SebBlG4YE8WDVfuGjLHTp+FlHUUkAOtHfSeJ3s=
x-cf2: M
last-modified: Fri, 20 Dec 2019 22:22:56 GMT
server: CFS 0215
x-cff: B
etag: "aa1798800f1a713819f680efc599a402"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 54264
accept-ranges: bytes
expires: Thu, 30 Mar 2023 14:11:50 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 216 KB
75 KB 118ms
26ms Script
application/x-javascript 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 659d6abc4b4a426aedfc53cae288c81e75300b11692932c244f2966a27c9b172

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 13:36:31 GMT
etag: "16-TpYPVhtmfW1EOPfI6KQwWg+CuPs"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14400
access-control-allow-credentials: false
x-traceid: e6eb439111a027f8650394886c28fd4e
timing-allow-origin: *, *
content-length: 76269
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 main-218403ea71.js Show response
cdn.arstechnica.net/wp-content/themes/ars/assets/js/ 626 KB
204 KB 16ms
16ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-218403ea71.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 15ac550babcd12bf0cd1c7362e4aadc9fd32800edd7f3082a2c3bbad7240a2eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
x-cf-tsc: 1668571160
content-encoding: gzip
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: f287a8efdc684b49ee3796790659823c
content-length: 208328
x-cf2: H
last-modified: Wed, 16 Nov 2022 03:48:39 GMT
server: CFS 0215
x-cff: B
etag: W/"63745d97-9c79d"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 6
accept-ranges: bytes
expires: Thu, 30 Mar 2023 14:11:50 GMT

GET
H2 200 conde-asa-polar-master.js Show response
cdn.mediavoice.com/nativeads/script/condenastcorporate/ 5 KB
2 KB 87ms
20ms Script
text/javascript 2606:4700::6813:d983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 030e91b7512dbb40e9b9057f20bcf54c296a7f28c04bbcde0f2d2706dd2a3a06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 8396
content-length: 2018
last-modified: Thu, 02 Feb 2023 06:18:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
x-country: DE
x-varnish: 2221479508
cache-control: max-age=21600
cf-ipcountry: DE
accept-ranges: bytes
cf-ray: 793384af7c78360b-FRA

GET
H2 200 100098X1555750.skimlinks.js Show response
s.skimresources.com/js/ 36 KB
14 KB 140ms
23ms Script
application/octet-stream 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: a3a1045bdd4556d83b740335475f60da908d6b0420b78c7688e03943ead2d988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
content-encoding: gzip
x-sp-metadata: HS256.CLal754GEooBCiQ1ODc5MzdmYS05ZjYxLTQ0OWYtOGQxYS05NmY5ZDVkNmE5MWYQsNrb5pK18AIaBgimie+eBiIPMTg1LjIxMy4xNTUuMTc3KKjiAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGisIARIkNGJlOWJjNDItODU1OS00MWE2LThjNWEtYmVjNTVjNGE4NDA1GOlrIhgIAhIUY2RzMjcyLmFtNS5od2Nkbi5uZXQ=.KSAucLuOsUWEklPAMz+s2RYJMre/N6i6e++FalIb0Js=
last-modified: Tue, 30 Aug 2022 08:58:37 GMT
server: AmazonS3
x-amz-request-id: JCDYZ5GCPV94R0XS
etag: "f913970f8dda10842aff8a06a8dfa0cd"
x-hw: 1675347110.cds281.am5.hn,1675347110.cds272.am5.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 13801
x-amz-id-2: vdMI6WDrFnWUWO/xUlk7eeJftI9xXywgHue3Mm3wzs8+UofEGRK7U1QVSCwNuMr0nN2WqQyPh54=

GET
H2 200 iframeResizer.min.js Show response
cdn.arstechnica.net/wp-content/plugins/article-forum-connect/public/js/ 14 KB
6 KB 12ms
9ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/plugins/article-forum-connect/public/js/iframeResizer.min.js?ver=1.1.8
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 4bc7f443f57d55c7eba98816a3d1054bdcee0cc74f4c1302f82056d118f141bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
x-cf-tsc: 1674407028
content-encoding: gzip
x-cf3: M
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 1819786d2a2c865b853cbdbb008a6194
content-length: 5969
x-cf2: H
last-modified: Wed, 18 Jan 2023 20:47:48 GMT
server: CFS 0215
x-cff: B
etag: W/"63c85af4-3734"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 0
accept-ranges: bytes
expires: Thu, 30 Mar 2023 14:11:50 GMT

GET
H2 200 iframe.js Show response
cdn.arstechnica.net/wp-content/plugins/article-forum-connect/public/js/ 7 KB
2 KB 11ms
8ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/plugins/article-forum-connect/public/js/iframe.js?ver=1.1.8
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 760577261d75b1724a53825766138cc52ea09676703fdb4046cbf2ecb2508b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
x-cf-tsc: 1674407028
content-encoding: gzip
x-cf3: M
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: ceaa34e24e5f760c6a7b792c6bf08bbd
content-length: 1692
x-cf2: H
last-modified: Wed, 18 Jan 2023 20:47:48 GMT
server: CFS 0215
x-cff: B
etag: W/"63c85af4-1c5e"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 0
accept-ranges: bytes
expires: Thu, 30 Mar 2023 14:11:50 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 476 KB
128 KB 222ms
99ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35e753bb6d985c6caacc05d79f9943d510c3667ee639acf6bbda0276f5218a8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130715
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Feb 2023 14:11:50 GMT

GET
H2 200 b10882a1-8446-4e7d-bfb2-ce2c770ad910.json Show response
cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/ 5 KB
2 KB 68ms
27ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/b10882a1-8446-4e7d-bfb2-ce2c770ad910.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

129d9d61199f04b6d1fa1f935343bf9d2e59917e9a8d84bc7dba1307b6db56b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 Feb 2023 14:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: qv4swkul+oed1UbCH6v7vQ==
age: 78540
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1824
x-ms-lease-status: unlocked
last-modified: Tue, 17 Jan 2023 16:16:09 GMT
server: cloudflare
etag: 0x8DAF8A625243A0D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4dc928bf-501e-0089-2d8f-2a61c2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 793384af0a7191e3-FRA
expires: Fri, 03 Feb 2023 14:11:50 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 75 B
252 B 109ms
43ms Script
text/javascript 2606:4700::6812:1b55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e949e0ba546cccd944b7fc64ebc3f97123638dd1b3af8eec5732cd599c2ed46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 793384af7f945c7a-FRA
vary: Accept-Encoding
content-type: text/javascript

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78c8c364b438f0be81f1c51627902fda95b7aebdd2c04aee28c2f72cd4390207

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 357 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f95836cdd8c1af1d8261e8e198a4c1dd306e2b50ddc389fe820b56212a9cb17d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 economica-bold-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 25 KB
25 KB 38ms
11ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-bold-otf-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 5315cf641e62ac7de4a82e6003cc1bd1ff09218400d8ff5286c951e25aee966b

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
x-cf-tsc: 1668280770
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fF.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 8d93658522b9c10c7c932ab145c102c3
content-length: 25592
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: "636e9b18-63f8"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 72528
accept-ranges: bytes
expires: Thu, 30 Mar 2023 14:11:50 GMT

GET
H2 200 economica-regular-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 24 KB
24 KB 35ms
8ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-regular-otf-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: c14a030b0b5ef06f710d9bbff164662d4b43c037e62f254aa6280504013caa34

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
x-cf-tsc: 1668280770
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fF.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: f26f38a10c942059bf2409a50c160cb2
content-length: 24264
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: "636e9b18-5ec8"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 72528
accept-ranges: bytes
expires: Thu, 30 Mar 2023 14:11:50 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
312 B 91ms
52ms XHR
application/json 2606:4700::6812:1b55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 793384afdb7a9b83-FRA
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK video_groups Show response
api.cnevids.com/v1/ 4 KB
1 KB 467ms
108ms XHR
application/json 3.224.52.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cnevids.com/v1/video_groups?filters={%22channel_key%22:%22arstechnica%22}&pagesize=20&endpoint=oo.arstechnica

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-218403ea71.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.52.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-52-77.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

cb52c9b5c6b4f30eb9580d4414ecd97d408ffb0579fc9792f379da7e9e43221c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/*
Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 14:11:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Status: 200 OK
Connection: keep-alive
Content-Length: 658
X-XSS-Protection: 1; mode=block
X-Request-Id: 5dcadbf6-6dd7-4205-a54a-25a18eb7b1eb
X-Runtime: 0.001921
X-Backend-Node: 10.110.122.161
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"64afbd494b9cf4b0ba5e8dfaac52fd56"
X-Download-Options: noopen
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: max-age=0, private, must-revalidate
Vary: Accept-Encoding, Origin
X-Frame-Options: SAMEORIGIN

GET
H2 200 memo.js Show response
cdn.memo.co/js/ 21 KB
7 KB 179ms
105ms Script
application/javascript 52.222.139.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.memo.co/js/memo.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-61.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d7b91ed4a7804e22b94e4873af273def73469e80b740bd9787e287003058868

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: dIwRVCKiXrZkA8Vq0TRLD0Yyqjiw5iXT
content-encoding: gzip
via: 1.1 e7150584c93f85e64aa53364c55a16c6.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 14:11:51 GMT
last-modified: Wed, 04 May 2022 18:49:53 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
x-amz-server-side-encryption: AES256
etag: W/"09a117df3977ec5a869191fcea2ac408"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-id: 7hF53lV9gCINS1kwkrMa6rMh-0lj3EV_3lpLZgpgbC73p2b95MLzAw==

GET
H/1.1 200
OK arstechnica.js Show response
player.cnevids.com/interlude/ 112 KB
28 KB 103ms
12ms Script
text/javascript 13.224.189.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/interlude/arstechnica.js?isRightRail=true

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-89.fra2.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

8261aabd72b0748f420d7c688de90a530a77afacf654765e0b2ed1b010913237

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 14:10:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: FRA2-C1
Age: 56
X-Cache: Hit from cloudfront
Status: 200 OK
Connection: keep-alive
Content-Length: 27666
X-XSS-Protection: 1; mode=block
X-Request-Id: bb249118-8063-4601-9d04-4b93bca779ea
X-Runtime: 0.009331
X-Backend-Node: 10.110.125.142
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"004b3857ad4096609cd83360768a78a3"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate
X-Amz-Cf-Id: pLpHYgSIXUbtSdAk8r3bSaS7MDikgPMHpp0HWDAlHEnxPJxEzsWdcg==

GET
DATA 200
OK truncated
/ 400 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f261533d4b74ae931965cf3609bf47bb55001e39eb7029502d96cec73c4749a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 700 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ab499494548829e507e9b6cd57247a6cd565e7f1bc6eb55e3da445af76f1f0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49282a74c6ced31e99f808232188ade8d82652004df4d664dcdb98c32563dd39

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 gatekeeper-300x150.png
cdn.arstechnica.net/wp-content/uploads/2016/01/ 34 KB
34 KB 87ms
78ms Image
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2016/01/gatekeeper-300x150.png
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 8b1270ab80a148ddb97a92b941c80afa4b8ebc6afc458d8b60a3d4d75bf4f45d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
x-amz-version-id: null
x-cf-tsc: 1675347110
x-cf3: H
x-amz-request-id: 2387F8QTQ3SQQ4S3
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:M
x-cf-reqid: 0256fd1c5205f5400cdb2e777eb492d2
content-length: 34602
x-amz-id-2: 4Xpb3o/smLPkolIBPxyhKmJOj7+7ghWCEWsntqmlsLYZoqwuQ9VCYEGgocJy5Rk6Zt63cy8x6WA=
x-cf2: M
last-modified: Fri, 20 Dec 2019 23:56:25 GMT
server: CFS 0215
x-cff: B
etag: "0629e36cd6d5418a5d826577bb5118f4"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 5547
accept-ranges: bytes
expires: Thu, 30 Mar 2023 14:11:50 GMT

GET
DATA 200
OK truncated
/ 841 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 039f13cdf684666dd973e2385f773385adb074039e8a832ec48e1ae35fb20c15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Dang.jpg
cdn.arstechnica.net/wp-content/uploads/2018/10/ 90 KB
91 KB 18ms
8ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2018/10/Dang.jpg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
x-amz-version-id: null
x-cf-tsc: 1675109725
x-cf3: H
x-amz-request-id: RMWD6MN2JGN084AP
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: f92c83f43e407c3017f941caa3a98d86
content-length: 92486
x-amz-id-2: LwnzZ5YSePbm4A9BvCKBd6AboZGHnlY2ECn/csNCp+qgmzUZjYemq+OaPgZ9uKRZLHDq7GtWAuc=
x-cf2: H
last-modified: Sat, 21 Dec 2019 01:48:48 GMT
server: CFS 0215
x-cff: B
etag: "03e5fec9e7ca5f8064d945bd791bd4c3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 11419108
accept-ranges: bytes
expires: Thu, 30 Mar 2023 14:11:50 GMT

GET
H2 200 channel-ars-be7bb52ba9.png
cdn.arstechnica.net/wp-content/themes/ars/assets/img/ 5 KB
5 KB 17ms
8ms Image
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/img/channel-ars-be7bb52ba9.png
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 08ed3bf6e73a999bafb422b878fb05b87269b00a65230c9457ce75aee10b873e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
x-cf-tsc: 1668280770
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 35124e43ea5083fbf9dff83853a88ec5
content-length: 4809
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: "636e9b18-12c9"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 79954
accept-ranges: bytes
expires: Thu, 30 Mar 2023 14:11:50 GMT

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62c7d2da9a5942053f17c9756e53b7cda414541619bd35c2b1441cd88c77f235

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ec4b6769730ca98db1f40b152c52bd5bec01f61f559fb92709c307750388ac8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 opensans-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 18 KB
19 KB 44ms
40ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-regular-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: caa3854f28740fa98125ded826446ee4456379e8ad7c4ff46643347d1901506a

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
x-cf-tsc: 1668280770
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fF.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 74b3bd056d2de2cceba3fa8fb889b53e
content-length: 18824
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: "636e9b18-4988"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 72528
accept-ranges: bytes
expires: Thu, 30 Mar 2023 14:11:50 GMT

GET
H2 200 bitter-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 22 KB
23 KB 14ms
10ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-regular-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 0186840386391fa2c0750ff7450a78e066498ba3274546a6fcf0fa9c55cd457c

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
x-cf-tsc: 1668280770
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fF.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 6fca2b613da24196137b93bbe5d1ed56
content-length: 22872
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: "636e9b18-5958"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 72528
accept-ranges: bytes
expires: Thu, 30 Mar 2023 14:11:50 GMT

GET
H2 200 bitter-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 22 KB
22 KB 41ms
37ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-bold-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 807271433f80bb33654a84ec904035be3d2b34e505a051e3469a47fe39ccb752

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
x-cf-tsc: 1668280770
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fF.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: c84080fa5ab094a2b69229b279a382fa
content-length: 22104
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: "636e9b18-5658"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 63692
accept-ranges: bytes
expires: Thu, 30 Mar 2023 14:11:50 GMT

GET
H2 200 opensans-semibold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 19 KB
19 KB 40ms
36ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibold-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1f9cd4a445ba85172da6090dd7b95edf55fd9e81ddb193e0b78093c1afa84378

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
x-cf-tsc: 1668280770
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fF.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: d12e69f3ee5c3b4068c793d15eef1901
content-length: 18972
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: "636e9b18-4a1c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 72400
accept-ranges: bytes
expires: Thu, 30 Mar 2023 14:11:50 GMT

GET
H2 200 opensans-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 19 KB
19 KB 20ms
17ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-bold-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 86096831a70c72ac0c08f5e65ae92d98330d9fd2b7511dde65ff50b8a16bfd9a

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
x-cf-tsc: 1668280770
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fF.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 3318ef6f2dca7d058b354b654e49598b
content-length: 19516
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: "636e9b18-4c3c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 69897
accept-ranges: bytes
expires: Thu, 30 Mar 2023 14:11:50 GMT

GET
H2 200 bitter-italic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 24 KB
24 KB 14ms
11ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-italic-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1193e934b76ed372f47e23f78f8a13e99d9588e564aff866e8f700e7a0650a83

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
x-cf-tsc: 1668280770
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fF.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 55117840c3ef472dbba87b9490a8bf97
content-length: 24212
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: "636e9b18-5e94"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 72528
accept-ranges: bytes
expires: Thu, 30 Mar 2023 14:11:50 GMT

POST
H2 200 / Show response
r.skimresources.com/api/ 149 B
371 B 129ms
31ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.19.9.1 /

Resource Hash

955b9b17b7026556cd56b930022432a32162403a0044cb4e54bc2570116be3fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: openresty/1.19.9.1
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 0611 0
134 B 126ms
28ms Image
text/plain 35.201.67.47
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.7739944994864145
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.10 aiohttp/3.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
via: 1.1 google
server: Python/3.10 aiohttp/3.8.3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 158ms
20ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=9.18305890674875
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Thu, 02 Feb 2023 14:11:50 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
276 B 157ms
19ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=9.18305890674875
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Thu, 02 Feb 2023 14:11:50 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/ 383 KB
92 KB 25ms
23ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 Feb 2023 14:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uPFqyxtrxGqJsyAvB7RnSg==
age: 2842
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 93482
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:45 GMT
server: cloudflare
etag: 0x8DADC66BDFA5EC7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cffcc2f9-101e-0024-13c4-0e41a8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 793384b0fc252bd9-FRA

GET
H2 200 plugin.js Show response
plugin.mediavoice.com/ 368 KB
137 KB 46ms
30ms Script
application/javascript 2606:4700::6813:d983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://plugin.mediavoice.com/plugin.js
Requested by: Host: cdn.mediavoice.com
URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fffd9fce9c89815f9283c61cd0eb0e9563df67815c7e3065b69198e7390cd49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 24756
content-length: 140198
last-modified: Tue, 10 Jan 2023 19:18:00 GMT
server: cloudflare
etag: W/"63bdb9e8-5c1a9"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 2423910668 2423665830
cache-control: max-age=43200
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-ray: 793384b17f98360b-FRA
expires: Thu, 02 Feb 2023 09:34:31 GMT

GET
H2 200 condenastcorporate Show response
polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/arstechnica.com/organization/ 208 B
438 B 68ms
18ms XHR
application/json 2606:4700::6811:4032
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/arstechnica.com/organization/condenastcorporate
Requested by: Host: cdn.mediavoice.com
URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4032 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc40a5096530714279199bd98ffbe44f3108bf9dd183ec74d85f69705d86e25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:50 GMT
content-encoding: gzip
server: cloudflare
etag: W/"f3cb63b5151ee861d177a2136e7d9989"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-country: DE
access-control-expose-headers: X-Country, CF-Ray
cache-control: max-age=3600
timing-allow-origin: *
cf-ray: 793384b1ba93901f-FRA

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 57ms
17ms XHR
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
date: Thu, 02 Feb 2023 07:17:11 GMT
x-amz-cf-pop: VIE50-P1
age: 24879
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: nt6woW_lmZEG5oldRGQQb2qBRteEldJnscki_oShBxN08sleabossw==

GET
H2 200 notOutbrain.js Show response
widgets.outbrain.com/nanoWidget/2010130/module/ 1 B
388 B 81ms
30ms Fetch
application/x-javascript 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2010130/module/notOutbrain.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Thu, 02 Feb 2023 14:11:50 GMT
content-encoding: gzip
content-length: 21
last-modified: Wed, 01 Feb 2023 14:05:00 GMT
server: AkamaiNetStorage
etag: "68b329da9893e34099c7d8ad5cb9c940:1675260300.524279"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Thu, 09 Feb 2023 14:11:50 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
380 B 26ms
24ms Image
image/gif 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Sat, 04 Mar 2023 14:11:50 GMT
date: Thu, 02 Feb 2023 14:11:50 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 pubads_impl_2023012601.js Show response
securepubads.g.doubleclick.net/gpt/ 386 KB
131 KB 294ms
52ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5634160b5779452c237d49e24be812637f98f9d7f64b1f4115e3ad786cacf48c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133524
x-xss-protection: 0
last-modified: Thu, 26 Jan 2023 09:36:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 01 Feb 2024 21:44:35 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 192 B
645 B 323ms
83ms XHR
application/json 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=arstechnica.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77dce0667b5d38b6e4ed4d244cc7abca21881f572ffb00a7efa6d9e6112adbb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103
x-xss-protection: 0
expires: Thu, 02 Feb 2023 14:11:51 GMT

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
339 B 27ms
26ms XHR
application/javascript 35.201.67.47
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.10 aiohttp/3.8.3 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 14:11:50 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.10 aiohttp/3.8.3
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://arstechnica.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 434 B
608 B 285ms
34ms Script
text/html 13.42.74.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi3M%3BI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gPu8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-izGQnTcST%2BDrDg%3D%3D&sc=1&os=1-vA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=5lB%2BNT0WeG&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2016%2F07%2Fafter-hiatus-in-the-wild-mac-backdoors-are-suddenly-back%2F&pcode=condenastprebidheader987326845656&rx=29838745313&callback=MoatNadoAllJsonpRequest_81494050
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.74.150 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-74-150.eu-west-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 603cba3126c79f1f2573a8c2c7895dd4e16aafcadcd6b251760263f4784a54d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:51 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "efba4cccd9269520cd9b09e535dbd7bc3b4f61c1"
content-length: 434
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK recommendations Show response
api.condenast.io/v1/ 12 KB
4 KB 276ms
211ms Fetch
application/json 151.101.64.239
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.condenast.io/v1/recommendations?applicationID=cne-interlude-arstechnica&brand=arstechnica&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2016%2F07%2Fafter-hiatus-in-the-wild-mac-backdoors-are-suddenly-back%2F&filter%5Bstrategy%5D=POPULAR&filter%5BcontentType%5D=CNEVIDEO&filter%5Blanguage%5D=en-US&page%5Bsize%5D=5
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/interlude/arstechnica.js?isRightRail=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: c78d2b7df526e0cb0e36efbe958b671405735e4d332971ef4a22f047d7e812ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 14:11:51 GMT
content-encoding: gzip
Via: 1.1 varnish
X-Backend: 2SrKDXXFWNz87LdtRpzPzK--F_api_eu_central_1_condenast_io
X-Cache: MISS
Connection: keep-alive
Content-Length: 3656
X-Served-By: cache-hhn-etou8220051-HHN
Server: nginx/1.15.8
X-Timer: S1675347111.079686,VS0,VE201
Vary: origin,accept-encoding, Accept-Encoding, Origin
Content-Type: application/json;charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: private, max-age=0
access-control-allow-credentials: true
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H/1.1 200
OK 5b27ee7e8c1abc4e7900000f Show response
api.cnevids.com/v1/video_groups/ 104 KB
18 KB 219ms
219ms XHR
application/json 3.224.52.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cnevids.com/v1/video_groups/5b27ee7e8c1abc4e7900000f?endpoint=oo.arstechnica

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-218403ea71.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.52.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-52-77.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

5389ad78a284c909eebb778f0fc0b51d8451a283c323d60dcaf8a5090b165d6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/*
Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 14:11:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Status: 200 OK
Connection: keep-alive
Content-Length: 17105
X-XSS-Protection: 1; mode=block
X-Request-Id: afd69863-b11e-483c-92f0-0fc9fca74e67
X-Runtime: 0.005244
X-Backend-Node: 10.110.44.165
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"de3ba7a59e04036fada34eb294e9abe3"
X-Download-Options: noopen
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: max-age=0, private, must-revalidate
Vary: Accept-Encoding, Origin
X-Frame-Options: SAMEORIGIN

GET
H2 200 v2 Show response
z-na.associates-amazon.com/onetag/ 11 KB
4 KB 104ms
19ms Script
text/javascript 18.165.205.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.165.205.133 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-205-133.lhr50.r.cloudfront.net

Software

Server /

Resource Hash

7475f5c70d3b6020b6f4621b2e69fba3360bea00a913e60b085af165b93842ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:07:02 GMT
content-encoding: gzip
accept-charset: UTF-8
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 1a6cd18714da9809fa8cb07ad66fd4f6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: LHR50-P3
x-amz-rid: ASRSHGSJDNDY8ZWR8JNN
age: 18289
vary: accept-encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-id: p3HmjwGhKQbflzx0ybUcQeA7gLARZo0qPex7j2TXzYxnAZA4_bkyng==

GET
H/1.1 200
OK n Show response
elsa.memoinsights.com/ 367 B
945 B 639ms
109ms Script
application/javascript 34.197.246.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://elsa.memoinsights.com/n?pid=62012a7a19351c07620394e0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2016%2F07%2Fafter-hiatus-in-the-wild-mac-backdoors-are-suddenly-back%2F&author%5B%5D=Dan%20Goodin&title=After%20hiatus%2C%20in-the-wild%20Mac%20backdoors%20are%20suddenly%20back&date=2016-07-06T21%3A27%3A37Z&referrer=&ref_url=&page_url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2016%2F07%2Fafter-hiatus-in-the-wild-mac-backdoors-are-suddenly-back%2F&cb=MEMO.API.callbacks.cbullhap&v=v3.0.6
Requested by: Host: cdn.memo.co
URL: https://cdn.memo.co/js/memo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.246.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-246-141.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 56d57599ab283565f3bd5700beb538b25f890f0ff2205e5f7050c18356a6b354

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:51 GMT
content-encoding: gzip
server: istio-envoy
content-type: application/javascript
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 247
x-request-id: 125de2710823cfe237610cf58d189098

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/5342550a-9204-4116-a032-c5a05162683e/ 225 KB
38 KB 46ms
43ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/5342550a-9204-4116-a032-c5a05162683e/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eab16bed0ee56de0a1e3a308e02cb8a889a9ef504e0f0b4adb6f256c86c8b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 Feb 2023 14:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: FRQ/zPNzOwxzj7xtxhCogA==
age: 78100
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 38429
x-ms-lease-status: unlocked
last-modified: Tue, 17 Jan 2023 16:16:28 GMT
server: cloudflare
etag: 0x8DAF8A6303956C6
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 85282be7-a01e-00be-2d8f-2acd6d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 793384b48b5491e3-FRA
expires: Fri, 03 Feb 2023 14:11:51 GMT

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 366 KB
52 KB 30ms
27ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

325e553a1a864e32b6c0a9395991cca0a153307e79db324805d6d12c7472f204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 Feb 2023 14:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 6vDz/k47dLuX3WfEWis4Kg==
age: 45150
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 53501
x-ms-lease-status: unlocked
last-modified: Wed, 01 Feb 2023 01:43:05 GMT
server: cloudflare
etag: 0x8DB03F5A9FB34F7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4abd1780-401e-0015-13ef-351a7f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 793384b48b5791e3-FRA

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/ 68 KB
15 KB 30ms
27ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/otTCF.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 Feb 2023 14:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jNSx0jAViofB7ggqqp6FUQ==
age: 2833
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 15011
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:44 GMT
server: cloudflare
etag: 0x8DADC66BD0C2AD7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bdd5c82e-101e-00ca-44ea-0e4b2b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 793384b489e82bd9-FRA

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 9 KB
3 KB 25ms
24ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4f86e9ccc5e942b4003bd9fed721d599fdeb7bcc1a2db63a95cba24de5f828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 Feb 2023 14:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 7dHn1A0MGZqShU38V/JIug==
age: 79139
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2639
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:36 GMT
server: cloudflare
etag: 0x8DADC66B8273D07
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6b56f14d-a01e-0154-4197-107439000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 793384b5ee2991e3-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 21 KB
4 KB 54ms
53ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 02 Feb 2023 14:11:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 80953
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 3f4ef08a-c01e-0129-4197-10e8f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 793384b5ee2a91e3-FRA

GET
H/1.1 200
OK 60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady23310502 Show response
player.cnevids.com/script/video/ 69 KB
23 KB 112ms
112ms Script
text/javascript 13.224.189.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady23310502

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-218403ea71.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-89.fra2.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

13f590aedf195578255e3362cd25fbc0e6e4c615b988bfc10bf32ea6f56b31f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 14:11:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Miss from cloudfront
Status: 200 OK
Connection: keep-alive
Content-Length: 22323
X-XSS-Protection: 1; mode=block
X-Request-Id: 88972aa1-c152-4614-ab4f-16db0aa0a9e9
X-Runtime: 0.004537
X-Backend-Node: 10.110.77.24
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"a1c58f1d07288cc01bcebd16a7c4cb53"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate
X-Amz-Cf-Id: QYY5vRKkEcmSfZWnvimE9zqE5cOBYD5_E9kuqiq7GZ5-xR2TReFVLg==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1621877260/ 11 KB
12 KB 124ms
11ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1621877260/arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

0396be2ab58ec30babd0838d7e37d6407475d4361be85ee7451dbac9186add57

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 13:33:32 GMT
X-Content-Type-Options: nosniff
Via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 2342
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 11625
Last-Modified: Thu, 20 Jan 2022 21:51:37 GMT
Server: Cloudinary
ETag: "0b80752552abdab1277829e7a4b2824a"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: BzcAJ_14WGFHkKrfTgAG-2L1bYscVUrFwiBmeDCAFvBgng21JOCeOQ==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-of-the-warhammer-40k-universe-answered-by-author-dan-abnett.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1620135390/ 14 KB
15 KB 125ms
12ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1620135390/arstechnica_unsolved-mysteries-unsolved-mysteries-of-the-warhammer-40k-universe-answered-by-author-dan-abnett.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

a2bd43c80adc73ae26472a90ec3bd9df44a5b7d2dafb133b8660efd800c719b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 14:08:52 GMT
X-Content-Type-Options: nosniff
Via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 211
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14620
Last-Modified: Thu, 20 Jan 2022 21:51:38 GMT
Server: Cloudinary
ETag: "7996e22c04be37a8677bb680607e6d12"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: Usd4ZpEghCSst3j2Obo-OCE54UP4Yjge7naDoKORcFrBm-CIkfr1bA==

GET
H/1.1 200
OK arstechnica_sitrep-f-16-replacement-search-a-signal-of-f-35-fail.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1619531614/ 5 KB
6 KB 124ms
11ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1619531614/arstechnica_sitrep-f-16-replacement-search-a-signal-of-f-35-fail.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

85c33811c2b04e4e02babe2fd6bd7ac0035f93e95827116429bbda2cf9c6c95d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 14:08:52 GMT
X-Content-Type-Options: nosniff
Via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 211
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 5242
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "cfdeb1a825aca3ca1bf9ab3727325d27"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: LTNZUaKRAHdRkzVQYDGJ9U1fpfumTfdUQA41XNP-yadVShzi83QPmQ==

GET
H/1.1 200
OK arstechnica_sitrep-boeing-707.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1615574323/ 12 KB
12 KB 122ms
9ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1615574323/arstechnica_sitrep-boeing-707.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

571479d52cd675db5573fe46973c62cba6d8224a76136fcefeb90f7dc42a6391

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 04:13:53 GMT
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
Via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 1072678
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 11899
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "49fd6cf75b5acbe4ea95126496406585"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: jNKcJZP6IF_UwPvEpOYJjZdWmUPmyH68ynH_uK5i1zCzi22mTKWWgg==

GET
H/1.1 200
OK arstechnica_steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1611089409/ 16 KB
17 KB 123ms
10ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1611089409/arstechnica_steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

06b33c040105224101afcdaacd82b6dfb3ea1bf9ef3d7478cf5fa163a0ad65e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 11:40:39 GMT
X-Content-Type-Options: nosniff
Via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 9082
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 16317
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "4796345150de82db7572da4e13d5fbc1"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 0sc3eQGXMRniCbw75VnYnvapbsNwn3LHI9cbJsnkB1mRn1W76luxXw==

GET
H/1.1 200
OK arstechnica_modern-vintage-gamer-reacts-to-his-top-1000-comments-on-youtube.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1607984287/ 14 KB
15 KB 125ms
12ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1607984287/arstechnica_modern-vintage-gamer-reacts-to-his-top-1000-comments-on-youtube.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

de5e37739b5797e8ba9dba4a2dcb65f37c36a65fe839cb306162e21c74ba166e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 14:08:55 GMT
X-Content-Type-Options: nosniff
Via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 176
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14171
Last-Modified: Thu, 20 Jan 2022 21:51:37 GMT
Server: Cloudinary
ETag: "7f2bf661d68cedfcf91542c6e1dab7c6"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 6j3vc4RILo1MPPJVXw_9UIwutTDb4LWAMt8NSLHxMugTZzDyNweiYg==

GET
H/1.1 200
OK arstechnica_war-stories-gail-tilden.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603899385/ 15 KB
15 KB 12ms
11ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603899385/arstechnica_war-stories-gail-tilden.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

7d91c04c657709af03f6dad61d375c3208d18ab5ff7851c2472007dc05201342

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 11:59:30 GMT
X-Content-Type-Options: nosniff
Via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 7967
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 15071
Last-Modified: Thu, 20 Jan 2022 21:51:38 GMT
Server: Cloudinary
ETag: "1f4aa6187c59e6ed79d0c3a2a0bc19d9"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: emQYrrRky2b0GubRSnkeykjCv5g5216k2dKGqSSRRhx9pdTtQSz9gg==

GET
H/1.1 200
OK arstechnica_personal-history-scott-manley.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603123470/ 14 KB
15 KB 10ms
9ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603123470/arstechnica_personal-history-scott-manley.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1f466b08649eef5ad16c20f6d7207bf8818cb107b6241950dbc568cdffc03d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 11:04:16 GMT
X-Content-Type-Options: nosniff
Via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 11279
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14113
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "963bf0b22c745f95a06f32ee1317b872"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 7RLGwXNQ1qgKq94FA9bo2NLOS60CpvmTes7WrSOgYSx7xZCQtZ9PYA==

GET
H/1.1 200
OK arstechnica_scare-tactics-thomas-grip.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1602524702/ 15 KB
15 KB 11ms
10ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1602524702/arstechnica_scare-tactics-thomas-grip.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

617e0f9fee7ef0ca891735246b4b5a61caa3622db4a4256685b061c9f43bd053

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 13:49:55 GMT
X-Content-Type-Options: nosniff
Via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 4026
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 15079
Last-Modified: Thu, 20 Jan 2022 21:51:38 GMT
Server: Cloudinary
ETag: "d57f99149a48173e30de572cfa48ed93"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: DLdrVEQ-MrsZowbTBORaXzape7yhfXqIbh4bmOQwkfWL3oluJ8wkww==

GET
H/1.1 200
OK arstechnica_personal-history-lgr.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1600711530/ 14 KB
15 KB 13ms
12ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1600711530/arstechnica_personal-history-lgr.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

29637e0647104ccc5d5583e652db29ce99e947c858c3d9502960e7ea7f1aea19

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 12:57:18 GMT
X-Content-Type-Options: nosniff
Via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 4474
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14772
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "4049b10cd3281951b01beb4f36134234"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: WJRMAtuuKRT-GbZthdIkD7HiQpbO4yFMkRZLklGJftHC_aObjCCzDQ==

GET
H/1.1 200
OK arstechnica_the-f-35-s-next-tech-upgrade.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1598890591/ 3 KB
4 KB 9ms
8ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1598890591/arstechnica_the-f-35-s-next-tech-upgrade.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

3b0209841325362235c221628e471145726897e4e1c9b210b6e6b2217fdf2ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 02:13:23 GMT
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
Via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 1079908
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 3374
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "3f16924a1fdff64e971a0491115fc147"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: KRBu-im9QyCRC5Jw3QLzRk_-m8fC9CvMH5KaBNoxFUNpYqKDDnE9-Q==

GET
H/1.1 200
OK arstechnica_war-stories-diablo.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1597686086/ 14 KB
15 KB 12ms
11ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1597686086/arstechnica_war-stories-diablo.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

aa3b9513abbbf65a2c8483122648fce1b39b1afa2a69bdf863242f1411baba58

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 14:08:52 GMT
X-Content-Type-Options: nosniff
Via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 211
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14667
Last-Modified: Thu, 20 Jan 2022 21:51:39 GMT
Server: Cloudinary
ETag: "d4de63ae8b9ef5b77ad58eaae97d7d02"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: HmHbKamVEW4mY9kEnA6HZRm2-reFB2NdBtF7m-Zp0HTlD2wAiIkG2Q==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-mortal-kombat.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1596476950/ 11 KB
12 KB 12ms
7ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1596476950/arstechnica_unsolved-mysteries-unsolved-mysteries-mortal-kombat.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

0b5c6a8d4a856db56da956eced8af9a5eb6e0a89dc67de5ffc4c83513472a3cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 10:49:11 GMT
X-Content-Type-Options: nosniff
Via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 12170
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 11486
Last-Modified: Thu, 20 Jan 2022 21:51:38 GMT
Server: Cloudinary
ETag: "7a8a596aae95c9a900261808554523e6"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 9IBDz3gCzqfhWqm9Uuwos_EXYWZGBhhYQpl0VO_yLLxGdduoCMQmIg==

GET
H/1.1 200
OK arstechnica_us-navy-gets-an-italian-accent.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1595427354/ 6 KB
7 KB 13ms
8ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1595427354/arstechnica_us-navy-gets-an-italian-accent.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

85db95dbe15c810a710ca6d9094a2a29f2eeea05791cc7aaab7af8939684b978

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 01:58:21 GMT
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
Via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 821610
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 6124
Last-Modified: Thu, 20 Jan 2022 21:51:46 GMT
Server: Cloudinary
ETag: "51113bf4443c0cf453d0e8bf60489ac7"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: s6xVRzhVnKkyHJdyOAPdpW0kguVn7rYZ6IorBk7uNMBXbg4SZtiuZQ==

GET
H/1.1 200
OK arstechnica_war-stories-war-stories-undone-w-slash-hisko-hulsing.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1594656439/ 10 KB
11 KB 15ms
11ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1594656439/arstechnica_war-stories-war-stories-undone-w-slash-hisko-hulsing.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

e74b9cb9d8871d300d2a1d36ce2cd00dfbfe0c5d8066d1d415c4ce620a919d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 12:26:18 GMT
X-Content-Type-Options: nosniff
Via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 6514
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10345
Last-Modified: Thu, 20 Jan 2022 21:52:15 GMT
Server: Cloudinary
ETag: "60622b64688dbb49917234d4091856fb"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: RYVFQyeRTw0fwoHwJBSYU7na7FRGJT5S2YOCY-PZX7Ohbky946cBLw==

GET
H/1.1 200
OK arstechnica_fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1593453234/ 15 KB
16 KB 14ms
9ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1593453234/arstechnica_fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

9431bc6d1a6d036a70c92dfc9000d7965f939671a59705bdd01c3e652048ed9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Tue, 31 Jan 2023 03:23:41 GMT
X-Content-Type-Options: nosniff
Via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 925330
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 15307
Last-Modified: Thu, 20 Jan 2022 21:49:07 GMT
Server: Cloudinary
ETag: "324e15e8b7d3edd23ffbf5df0a1a9e77"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: pnrD18tTapF_nBkg5b44QDMBapWsibQwW0B5dj01HFlm0RSTOO-HbA==

GET
H/1.1 200
OK arstechnica_war-stories-war-stories-nba-jam.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1592315288/ 14 KB
15 KB 15ms
10ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1592315288/arstechnica_war-stories-war-stories-nba-jam.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

5be5b0170ad4bbd2be91182d137933e7de9c7e86b09ec855a4bac015ebfd746f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 11:19:46 GMT
X-Content-Type-Options: nosniff
Via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 10493
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14149
Last-Modified: Thu, 20 Jan 2022 21:51:39 GMT
Server: Cloudinary
ETag: "bd63326fa81d10df9e2da1245d3c122c"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: TPqkYRegJpCmU0ym4W9bUW3OFG1q3czNbmfguKQx-lO9jGWLUDWHKA==

GET
H/1.1 200
OK arstechnica_linus-tech-tips-reacts-to-his-top-1000-youtube-comments.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1591804041/ 9 KB
10 KB 14ms
9ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1591804041/arstechnica_linus-tech-tips-reacts-to-his-top-1000-youtube-comments.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

e8830a414dfeb4c0e0f519d3419f69849df9226f329357c938333dbf2c956f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 11:24:07 GMT
X-Content-Type-Options: nosniff
Via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 10078
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 9054
Last-Modified: Thu, 20 Jan 2022 21:49:07 GMT
Server: Cloudinary
ETag: "b17d3aab70cb56fbf2df892c8415ab16"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: GciEpKe7AkeqN8fiJfIG5ZCKFLUdYgz5MLZ5tJSq81VQa1FT6RfV3A==

GET
H/1.1 200
OK arstechnica_war-stories-how-alan-wake-was-rebuilt-3-years-into-development.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1589408118/ 11 KB
11 KB 9ms
4ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1589408118/arstechnica_war-stories-how-alan-wake-was-rebuilt-3-years-into-development.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

3f2cf5f857c617761a251ceef8f6ed452a7690e21f16eff0a70dddf9beea8633

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 12:47:51 GMT
X-Content-Type-Options: nosniff
Via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 5088
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10817
Last-Modified: Thu, 20 Jan 2022 21:51:39 GMT
Server: Cloudinary
ETag: "9417ada34c9b6b07ccd41a463b717969"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: awcJXY6IqJXLBlnW09Jp8K-AeyZsUZbz1PmHtB0kXPwKVpZlSec0nQ==

GET
H/1.1 200
OK arstechnica_war-stories-prince-of-persia.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1584454477/ 15 KB
16 KB 26ms
20ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1584454477/arstechnica_war-stories-prince-of-persia.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

56f8838a24cb0cc47dc34a19d6b84d6ce8bf8086b1682bbb990abc13b1e2da65

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 13:00:04 GMT
X-Content-Type-Options: nosniff
Via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 4323
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 15682
Last-Modified: Thu, 20 Jan 2022 21:51:39 GMT
Server: Cloudinary
ETag: "e9cccef2a4a4cf217be0ba162f6b4296"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 0-Y2ADvdPfsYSoYL5sSJLkg8-5U_B_zMxnAEmIDXy-Becgq8uP9DhA==

GET
H/1.1 200
OK arstechnica_war-stories-how-crash-bandicoot-hacked-the-playstation-to-run.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582755533/ 17 KB
18 KB 27ms
21ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582755533/arstechnica_war-stories-how-crash-bandicoot-hacked-the-playstation-to-run.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

46a9ddb1f206a46900872e0a832750ae06925528f81883a3d3517fdb42aefb6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 12:47:51 GMT
X-Content-Type-Options: nosniff
Via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 5158
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 17475
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "7588b83c6eb2a1165344abad7e12e715"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: Ajy2EwqvWZEUhmJmbDt_VSOrTwOvF-aiq28csnog4D98A3FLLUNlcg==

GET
H/1.1 200
OK arstechnica_war-stories-myst.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1580223113/ 13 KB
14 KB 25ms
19ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1580223113/arstechnica_war-stories-myst.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1bf55bc00dbf13180884211c3d301729e67b81f3456225c1fbf97d271d636509

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 10:52:50 GMT
X-Content-Type-Options: nosniff
Via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 12029
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 13522
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "ed8c6a9aa19e7d5c7aa46a3aead23a87"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: LwTHJBQ0ye0dsZLImw-a6STlB4SR_AGeyoj6C_ZVjgiFzvpv3NZoug==

GET
H/1.1 200
OK arstechnica_markiplier-reacts-to-his-top-1000-youtube-comments.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1579194313/ 9 KB
9 KB 24ms
18ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1579194313/arstechnica_markiplier-reacts-to-his-top-1000-youtube-comments.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

e336ff50623cff960c2396944be4392139f63dcc032e5f3428d81489fdfe697a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 12:43:02 GMT
X-Content-Type-Options: nosniff
Via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 5414
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 8832
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "2bad386c14ac040d530ceb2ae89c8bbb"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: A1L_Kt9Oeiwj0ZI0fpHyEtGnXhHKG0OG5SyoeLQmaAqUDE2DBova2g==

GET
H/1.1 200
OK arstechnica_war-stories-war-stories-oddworld.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582815531/ 12 KB
13 KB 26ms
19ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582815531/arstechnica_war-stories-war-stories-oddworld.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1097abb6f0992cccc79428374463e7f23b99dae5eb85d7317b20bd57c96031bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 14:11:32 GMT
X-Content-Type-Options: nosniff
Via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 43
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 12614
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "4a7903cbe66890b5688d843661943ccd"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: LB1P_QLqGmsGmQtphjiyN7TLQlsD2m7T3hh2--LCF5sCQTQbPNdIKA==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-bioware-answers-unsolved-mysteries-of-the-mass-effect-universe.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1573140819/ 11 KB
12 KB 14ms
14ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1573140819/arstechnica_unsolved-mysteries-bioware-answers-unsolved-mysteries-of-the-mass-effect-universe.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

de24551bd4396fc8579b2d87ce01944553dd48fb52775d14373725a50efa0c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 12:22:12 GMT
X-Content-Type-Options: nosniff
Via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 7065
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 11417
Last-Modified: Thu, 20 Jan 2022 21:52:15 GMT
Server: Cloudinary
ETag: "3e8509d06c6610d54babcac0d91e5d93"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: mWYaD0CQzHV1rJVhfKXhRXRnIPTwxMrLllUTRbN11CeGZJC_ZFocEw==

GET
H/1.1 200
OK arstechnica_war-stories-civilization.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1569003425/ 16 KB
17 KB 11ms
11ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1569003425/arstechnica_war-stories-civilization.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1c7dcc8216c6f82da2998ceeac2523632c7f9bffe510824b6d082621201f2012

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 14:08:52 GMT
X-Content-Type-Options: nosniff
Via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 211
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 16236
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "72002610618f7bf8bf0e52c760e39897"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 5ASBZ6GXhZiZf19dXYIMoaV9K6YwZivvNpTfZ1pAAAaA6iozL_1ihA==

GET
H/1.1 200
OK arstechnica_sitrep-dod-resets-ballistic-missile-interceptor-program.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1568662260/ 11 KB
11 KB 11ms
10ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1568662260/arstechnica_sitrep-dod-resets-ballistic-missile-interceptor-program.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

7fc88c65d46e83b3f3e9f098f05fd639480332fc3718cd714725e2e4633af4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 02:18:22 GMT
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
Via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 2202809
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10793
Last-Modified: Thu, 20 Jan 2022 21:51:46 GMT
Server: Cloudinary
ETag: "0e1ff58ccf6d97759de3d774a7ff835a"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: MgDfxXoRxjQHLkRRnPhHFtjhQ14sFGMDOazd1AZsedxptvSMXXXLsA==

GET
H/1.1 200
OK arstechnica_warframe-reviews.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1561556730/ 14 KB
15 KB 12ms
11ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1561556730/arstechnica_warframe-reviews.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

83a366075eb2387c6d9f848f42b08df0546027333eccf5813edf95ba45709be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 13:06:23 GMT
X-Content-Type-Options: nosniff
Via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 4054
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14837
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "1d90d6aef7585f963e1270a1a02a4dd4"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: weH8wLW-9_GfyxDDSXVaOapWJX1713-PerlcsgP7woINAyTI7lnjRw==

GET
H/1.1 200
OK arstechnica_war-stories-subnautica.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1559747425/ 15 KB
16 KB 12ms
12ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1559747425/arstechnica_war-stories-subnautica.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

20660a9ef7ec454c15b2dc62b3db084e0cc9f74c5bb6de71a96fb1a54aef00f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 10:25:05 GMT
X-Content-Type-Options: nosniff
Via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 13678
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 15222
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "8c45b6c645caba59f4b14d3fbdc09062"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: qi3Q3-Kj9lm6HtGArl1Ft21Ww92ZKWcoTCwqeXku3hy5zx-ac3L_dQ==

GET
H/1.1 200
OK arstechnica_war-stories-slay-the-spire-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1556741487/ 15 KB
16 KB 13ms
12ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1556741487/arstechnica_war-stories-slay-the-spire-war-stories.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

f9d9e96c4439beeca49a1a10f9dffe6f5cd0b604d13aa13af170d0bc62d8ca1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 11:23:22 GMT
X-Content-Type-Options: nosniff
Via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 10263
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 15634
Last-Modified: Thu, 20 Jan 2022 21:51:41 GMT
Server: Cloudinary
ETag: "abee90e53f29ba0127fca9442ab50902"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: nGVrRcWb7MxwlIXbOr5IJ6ZQL0s-dVozFN_Azhuc5_bGpGnoFo8Fzw==

GET
H/1.1 200
OK arstechnica_war-stories-amnesia-the-dark-descent-the-horror-facade.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1555359865/ 15 KB
16 KB 9ms
9ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1555359865/arstechnica_war-stories-amnesia-the-dark-descent-the-horror-facade.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1defb6bc54a7ee9c066136908360e8455c23ee9ad0dec9924e7255d7948cd4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 14:10:25 GMT
X-Content-Type-Options: nosniff
Via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 118
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 15251
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "3e7cdc13e718680bf5e1efa64468b560"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: l2wXe2Jy3b6uj8YwUh9C9KNS5PUAFWzfzTi4WM2Z_NCXkbRweV_lSg==

GET
H/1.1 200
OK arstechnica_war-stories-c-and-c-tiberian-sun.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1551193450/ 19 KB
19 KB 11ms
9ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1551193450/arstechnica_war-stories-c-and-c-tiberian-sun.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

27348ba4b98bd80f1038496ec5dea6ad865680540058fb085b8ca199b8aaf4c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 11:36:36 GMT
X-Content-Type-Options: nosniff
Via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 9359
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 19022
Last-Modified: Thu, 20 Jan 2022 21:51:41 GMT
Server: Cloudinary
ETag: "fe52b9acd391d8bee8de15a0f429b377"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: dDqJxfuzhfyelztUB4gpWmR_fLo6NCj-LKt3k-2h5xShbXorQSIO2Q==

GET
H/1.1 200
OK arstechnica_war-stories-blade-runner-skinjobs-voxels-and-future-noir.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550244434/ 18 KB
18 KB 12ms
10ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550244434/arstechnica_war-stories-blade-runner-skinjobs-voxels-and-future-noir.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

8b72952d3fd656ee6594f0d9735d928113ad1d590705b14f77abf75f1d4d5d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 11:23:22 GMT
X-Content-Type-Options: nosniff
Via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 10263
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 18172
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "32f1b8954559c8d598e9861f5b8360b9"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: XMeOKN7yee9F7EEiZdt3Kwg9w6cKjaqOu9IyZEc2k6AvvGq_7gs3-Q==

GET
H/1.1 200
OK arstechnica_war-stories-dead-space-the-drag-tentacle.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1546889545/ 7 KB
8 KB 13ms
9ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1546889545/arstechnica_war-stories-dead-space-the-drag-tentacle.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

9933997608e86beaf1e7f7188a5c657cdad8ccd9d20eb7b1a46adaa83fa850ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 07:07:03 GMT
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
Via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 2444688
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 7393
Last-Modified: Thu, 20 Jan 2022 21:51:41 GMT
Server: Cloudinary
ETag: "17a6e4b5eb75eb12f5d8c89eb3d0ace8"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: ftlQYcvnWhXhbNGFBhhi7PCR5hZALF-In1rm5BxgYj1vCjEMpjAcvA==

GET
H/1.1 200
OK arstechnica_teach-the-controversy-flat-earthers.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1541592304/ 10 KB
11 KB 14ms
11ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1541592304/arstechnica_teach-the-controversy-flat-earthers.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

7364fcbb6c5d775f07816712af8a6419db99268f72c337a4977f706dc3423bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 14:08:52 GMT
X-Content-Type-Options: nosniff
Via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 180
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10595
Last-Modified: Thu, 20 Jan 2022 21:52:14 GMT
Server: Cloudinary
ETag: "6c0c4f8a9d61ed2b5863a8058c624a37"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 0Q1lNcL2xQPYmp-L0rhuGubrJHrlFRzJbYz4ZYKpctlHAu_LpuirrA==

GET
H/1.1 200
OK arstechnica_delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-get-s-a-crucial-green-light.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1537406983/ 12 KB
13 KB 15ms
11ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1537406983/arstechnica_delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-get-s-a-crucial-green-light.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

16f86804dd013db340fee4020a539d3e9d6e5a03d6841e431e50c428e99c26e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 14:07:17 GMT
X-Content-Type-Options: nosniff
Via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 282
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 12509
Last-Modified: Thu, 20 Jan 2022 21:52:14 GMT
Server: Cloudinary
ETag: "b9c502ffc902b60d0eb13698b37a945d"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: bY6cUanmJAtWOB3DLVImu4LTNUBNvH2GQ5rGihSbfz3p3IJ1a7T5Rg==

GET
H/1.1 200
OK arstechnica_chris-hadfield-explains-his-space-oddity-video.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1522031130/ 7 KB
8 KB 13ms
10ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1522031130/arstechnica_chris-hadfield-explains-his-space-oddity-video.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

3ce7e824185893264ab44fbf8370a8f1262831c4c6c367b15f7d4f1e88fadc8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 07:08:17 GMT
X-Content-Type-Options: nosniff
Via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 220158
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 7181
Last-Modified: Thu, 20 Jan 2022 21:52:14 GMT
Server: Cloudinary
ETag: "0549828edcecd339d8d10ebe6119de70"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: whzMvq4iPbSV-FxZ0Wyh2qLC4dD1keNR6wUzqzi8XwqBRKowsNXVGA==

GET
H/1.1 200
OK arstechnica_apollo-mission-episode-1.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1512424612/ 14 KB
14 KB 8ms
8ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1512424612/arstechnica_apollo-mission-episode-1.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

82cd1a97f81e5b63a621311be2993916eea0907b5eadd53bb6b280f4bb0f8391

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 12:43:02 GMT
X-Content-Type-Options: nosniff
Via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 5422
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14040
Last-Modified: Thu, 20 Jan 2022 21:52:14 GMT
Server: Cloudinary
ETag: "ecc047c6eed3dc571a78eab647201220"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: oaNcgOL6WbFKoHRPB6O3J5hPMQHd72sMOv8AgKKJbYCzy903y7notQ==

GET
H/1.1 200
OK arstechnica_richard-garriot-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1513807048/ 14 KB
14 KB 9ms
8ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1513807048/arstechnica_richard-garriot-war-stories.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

4980853759711c8e9e2779239acd62e9e802fba38371763c65ecdd016a83fdbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 13:16:06 GMT
X-Content-Type-Options: nosniff
Via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 3362
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 13885
Last-Modified: Thu, 20 Jan 2022 21:51:41 GMT
Server: Cloudinary
ETag: "13d45a1733ad4d2f3ae707584d6a8a32"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: RGdoK-0_ikrIm7zJ6l_QjUuU0w0_A_ywfivpfNMeXD1HK4UHACYNew==

GET
DATA 200
OK truncated
/ 408 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c21029f21dc145723d40362da85504ee5a5bd33f5db6636beae3a01c7aba1fa2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 get Show response
odb.outbrain.com/utils/ 80 KB
36 KB 412ms
300ms Script
text/javascript 199.232.18.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2016%2F07%2Fafter-hiatus-in-the-wild-mac-backdoors-are-suddenly-back%2F&srcUrl=http%3A%2F%2Ffeeds.arstechnica.com%2Farstechnica%2Findex&idx=0&rand=65414&key=NANOWDGT01&widgetJSId=AR_14&va=true&et=true&format=html&adblck=false&abwl=false&px=190&py=4441&vpd=3241&cw=1220&activeTab=true&ab=0&wl=0&obRecsAbtestVars=1174:3820&settings=true&recs=true&version=2010130&sig=58InNVQq&apv=false&&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cnsntv2=CPmjeIAPmjeIAAcABBENC1CgAAAAAAAAAChQAAAAAAJBAHoAAgADQAOAA8AC4AHwAWgA-ACMAEkAKAAWwAxAB_AEWAJEAXwA1ABtADiAHIAOcAdQA-QCBgEHAJEAT8AoYBSwDCAHVAPQAhsBD4CLwEegJCAStAmwCbQFNgKvAWEAuIBdAC6gF2gLyAYFAw8DEAGLAMhAZQA0IBowDSgGpgNdAbQA24BugDggkEUABAAC4AKAAqABkADgAHgAQAAwABlADQANQAeQBDAEQAJgAT4AqgCsAFgAN4AcwA9ACEgEMARIAjoBLAEuAJoAUoAtwBhgDIAGWANkAd8A9gD4gH2AfsA_wEAgIuAjEBGgEcAJSAUEAp4BVwC5gGKANYAbSA3ADeAHyAQ6AkQBMoCdgFDgKRAU0AsUBaAC2AFyALvAXmAwYBhIDDYGRAZIAycBlwDOQGfANIgawBrIYBIAAYABYADgALgBGACSAE-AKgAqgBbADEAG8ARYApABpQDUANUAcQBLQClgGyAOoAhsBF4CQgEtAJsAUOApsBYgC4gGBAMPAYsAyMBoQDXQG6BoDwAVgAuACGAGQAMsAbIA7AB-AEAAIKARgAp4BV4C0ALSAawA3gB1QD5AIdARUAkQBOwCkQFyAMJAYwAycBnIDPAGfCAEQABgAFgAOAAuADUAIwASQAngBVAC2AGIAN4AiwBSADUAHEAPkAkQBLQClwG4AbwBDYCLwEhAJaATYAocBcQDAgGHgMWAaEA10BugiAuAFYAQwAyABlgDZAHYAPwAgABGACngFXANYAdUA-QCHQEiAJ2AUiAuQBhIDJwGcgM-FQFAAKABDACYAFwARwAywB2AEcAKvAWgBaQDeAJBAWwAuQBeYDIgGcgM8AZ8A3IUAVADEAJkAUgAyoBqAGqANoAcQA5AB4AEFAJaAUsA6oCPQE2ALEAYEAw8BmgDQoGuga8MALgA1ADEAJkAUgAygBqADaAHEAOQAeABLQClgFiAOqAj0BJwCbAFiALyAYEAw8BoQDXRkBAAIYATABHADLAHYARwAq4BWwDeALRAWwAvMBkQDOQGeAM-HAZQABAAGAARAA4ADwALgAfABaADmAH4AggBGACgAFsALoAXwAyABoAD-AIQARwAkQBOgCkgFkAWYAvgBlgDSgGoAaoA2gBxADkAHOAOoAdgA7gB8wEAAQWAg4CEAERAJEASoAloBNoCfAJ-AUsAqABWQC9QGAAYEAwgBmQDWAGvAN4AccA6QB1QDyAHoAPkAhABDcCHwIgAREAj0BIQCVgExAJlgTYBNoChQFIAKTAUwApsBUwCqgFXwK2ArsBZQC0AFpALUAXFAugC6gF7AL6AYFAw8DEAGLAMhAZQAy8BoUDRQNGAaUA00BqcDXQNeAbQA2wBtw6CsAAuACgAKgAZAA4ACAAF0AMAAygBoAGoAPAAfQBDAEQAJgAT4AqgCsAFgALgAYgAzABvADmAHqAQwBEwCWAJgATQAowBSgCxAFvAMIAw4BkAGUANEAbIA3wB3gD2gH2AfoA_4CLAIwARwAlIBQQCngFXALFAWgBaQC5gF5AMUAbQA3ABzoDpgOoAh0BFQCLwEggJEASoAnYBQ4CmgFWALFAWwAuABcgC7QF3gLzAYMAwkBhoDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNYAbGQAbgAIACCAF8ANAAfwBIgCkAFkALcAXwAy4BqAGqANoAcQA5ABzgDsAHgAQUAnwBQwClgFZALEAYAAwgBmQDeAHVAO2AegBD4CPQEhAJOgTYBNoChQFIAKTAVsAtoBdAC8gF7AMCAYeAxIBmgDQgGigNKAamA10BtgDbiEDMABYAFAAMgAuABiAEMAJgAVQAuABiADMAG8APQAjgBYgDCAGUAN8Ad4A-wB_gEcAJSAUEAp4BV4C0ALSAXMAxQBtADnAHUASCAkQBKgCmgFigLRAWwAuABcgC7QGRAMnAZyAzwBnwDRAGkgNLAcASAWgACAAMAA4AC4AOQAqABfADIAG8AQgAkQBSACygFyAXwAywBpADUAG0AO4AgABBwCEgEtAJ8AVAArIBrwDeAHVAPsAlYBLUCbAJtAUmAqkBZQC0gF7AMPAYiAxYBoQDSgGugNyJQMAAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABiADNAIYAiQBHACjAFKALcAYQAygBsgDvAH4ARwAp4BV4C0ALSAYoA3AB1AD5AIdARUAi8BIgCxQFsALtAXmAyIBk4DLAGcgM8AZ8A0gBrADgCgEwAAQABgALgAfABaADkAH4ARgAqABWAC-AGSAN4A5ACEAEcAJEATIAnQBSACygFyAXwAywBpADUAG0AOIAc4A6gB3ADwAHyAQAAg4BCQCKgEiAJaATaAnwCfgFDAKWAVkAsQBdQDAQGEAYoA14BvADqgHbAPIAegA-QB_wEegJiATLAmwCbQFIAKYAU2AqYBWwCuwFoALyAX0AwIBh4DFgGhANEAaVA1IDU4Guga8A4IpA-AAXABQAFQAMgAcABBADAAMoAaABqADyAIYAiABMACeAFIAKoAWAAxABmADnAIYAiQBRgClAFiALcAYQAygBogDZAHfAPsA_QCLAEYAI4ASkAoIBVwCtgFzALyAbQA3ACHQEXgJEATsAocBYoC2AFwALkAXaAvMBhoDGAGRAMkAZOAy4BnIDPAGfQNIA0mBrAGsgNjAA.YAAAAAAAAAAA&cmpStat=1&ccpa=1---&ccpaStat=1&chs=1&ogn=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2016%2F07%2Fafter-hiatus-in-the-wild-mac-backdoors-are-suddenly-back%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a3dafdf35cfd530b032a51aba82cdc8dc4aa22452b197b9c560576254be5bab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Thu, 02 Feb 2023 14:11:51 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, VIE, Europe1
x-timer: S1675347112.616183,VS0,VE280
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga13629-LGA, cache-vie6350-VIE
x-traceid: 6b5553b5af30f4f13e81e61551fbc2c4
accept-ranges: bytes
content-length: 36409
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK andoncord Show response
assoc-na.associates-amazon.com/onetag/ 16 B
411 B 626ms
111ms XHR
application/json 52.94.243.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assoc-na.associates-amazon.com/onetag/andoncord

Requested by

Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.243.89 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 14:11:52 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HHRPS7FA1WPXTJYV41BV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://arstechnica.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 16

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 121ms
24ms Image
image/gif 23.203.125.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=24&d=data%3Adata%3Adata%3Adata&i=CONDENAST_PREBID_HEADER1&k=SyntaxError%20in%20closure%20%28cb%29%3A%20Failed%20to%20execute%20%27measure%27%20on%20%27Performance%27%3A%20The%20mark%20%27ATP-Init%27%20does%20not%20exist.%2C%20stack%3DError%3A%20Failed%20to%20execute%20%27measure%27%20on%20%27Performance%27%3A%20The%20mark%20%27ATP-Init%27%20does%20not%20exist.%0A%20%20%20%20at%20Object.setMoatLoad%20%5Bas%20moatLoad%5D%20%28https%3A//cdn.arstechnica.net/cns/ars-technica.min.js%3Fv%3D1675347029%3A1%3A30920%29%0A%20%20%20%20at%20emitBoomPixel%20%28https%3A//cdn.arstechnica.net/cns/ars-technica.min.js%3Fv%3D1675347029%3A1%3A32869%29%0A%20%20%20%20at%20handleMoatYieldIntelligenceReady%20%28https%3A//cdn.arstechnica.net/cns/ars-technica.min.js%3Fv%3D1675347029%3A1%3A94775%29%0A%20%20%20%20at%20window.moatYieldReady%20%28https%3A//cdn.arstechnica.net/cns/ars-technica.min.js%3Fv%3D1675347029%3A1%3A95033%29%0A%20%20%20%20at%20https%3A//z.moatads.com/condenastprebidheader987326845656/moatheader.js%3A61%3A282%0A%20%20%20%20at%20q%20%28https%3A//z.moatads.com/condenastprebidheader987326845656/moatheader.js%3A391%3A346%29%0A%20%20%20%20at%20https%3A//z.moatads.com/condenastprebidheader987326845656/moatheader.js%3A404%3A457%0A%20%20%20%20at%20a.xa.sode.a.xa.sode.zaxs%20%28https%3A//z.moatads.com/condenastprebidheader987326845656/moatheader.js%3A110%3A476%29%0A%20%20%20%20at%20k.%3Ccomputed%3E%20%28https%3A//z.moatads.com/condenastprebidheader987326845656/moatheader.js%3A328%3A462%29%0A%20%20%20%20at%20https%3A//mb.moatads.com/yi/v2%3Fol%3D0%26qn%3D%25604%257BZEYwoqI%2524%255BK%252BdLLU%29%252CMm%7EtM%2190vv9L%2524%252FoDb%252Fz%28lKm3GFlNUU%252Cu%255Bh_GcS%2525%255BHvLU%255B4%28K%252B%257BgeFWl_%253DNqUXR%253A%253D%252BAxMn%253Ch%252CyenA8p%252FHm%2524%2560%25233P%28ry5*ZRocMp1tq%255BN%257Bq%2560RP%253CG.ceFW%257CoG%2522mxT%253Bwv%2540V374BKm55%253D%25261fp%255BoU5t%28Kc%252CY%2524%253D%21%21taxWi3M%253BI1%255D6WAJN3NZ_h%29G%253E3%255D*lTr1W*d%255B4kf%252FLyUoRdByZ%253CPnKMV%2525%253C%252Cbq.%2522oDOk%252Cz%2525GY%26tf%3D1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-%26vi%3D111111%26rc%3D1%252C1%252C0%252C3%252C3326192205%252C1%252C4%252C0%252Cprobably%252Cprobably%26rb%3D1-gPu8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%252FmliBNlAlwWxmRnpyWz%26rs%3D1-izGQnTcST%252BDrDg%253D%253D%26sc%3D1%26os%3D1-vA%253D%253D%26qp%3D10000%26is%3DBBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB%26iv%3D8%26qt%3D0%26gz%3D0%26hh%3D0%26hn%3D0%26tw%3D5lB%252BNT0WeG%26qc%3D0%26qd%3D0%26qf%3D1600%26qe%3D1200%26qh%3D1600%26qg%3D1200%26qm%3D0%26qa%3D1600%26qb%3D1200%26qi%3D1600%26qj%3D1200%26to%3D000%26po%3D1-0020002000002120%26vy%3Dot%2524b%255Bh%2540%2522oD%7ET_Gr1%253E%253AB%2540NVt7%253BY%253EhyMmxNXJZPV8t6%253D%253Dh_GW3r4Aj%21L%253E%252BbK0pH%2523H%26qr%3D0%26url%3Dhttps%253A%252F%252Farstechnica.com%252Finformation-technology%252F2016%252F07%252Fafter-hiatus-in-the-wild-mac-backdoors-are-suddenly-back%252F%26pcode%3Dcondenastprebidheader987326845656%26rx%3D29838745313%26callback%3DMoatNadoAllJsonpRequest_81494050%3A1%3A1%2C%20%0Acb%3D%28%29%3D%3E%7BhandleMoatYieldIntelligenceReady%28e%29%7D%0A&ar=8bb996ed3e7-clean&iw=2387774&bq=11&j=&cs=1675347111504
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-127.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 14:11:51 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 02 Feb 2023 14:11:51 GMT

GET
H/1.1 200
OK embed-api.json Show response
player.cnevids.com/ 11 KB
5 KB 39ms
14ms Fetch
application/json 13.224.189.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/embed-api.json?videoId=60abade4dc31e5375248cba6&embedLocation=arstechnica

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady23310502

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-89.fra2.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

6570d5aeddcdc8896db45d20ceaa165df3c35eb002a1984f84ba995bbcfb1f46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 14:09:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: FRA2-C1
Age: 133
X-Cache: Hit from cloudfront
Status: 200 OK
Connection: keep-alive
Content-Length: 3755
X-XSS-Protection: 1; mode=block
X-Request-Id: c9559450-b5c0-47e0-9286-2fc874d62486
X-Runtime: 0.015156
X-Backend-Node: 10.110.74.4
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"3ce5547994e7c120c0f1cb67ae8b6035"
X-Download-Options: noopen
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: max-age=300, public
Vary: Origin,Accept-Encoding
X-Amz-Cf-Id: PP1f523DTSIizlrTpCQfOr4XHmgWx-Y3znSK9jwgbH-c_cIRRjUxNQ==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C419 367 KB
123 KB 236ms
100ms Script
text/javascript 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady23310502

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2864bf3ca82a5e7f9cc6e96e40dc32665faea6bb959d04686ba2155ccba3c29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125826
x-xss-protection: 0
expires: Thu, 02 Feb 2023 14:11:51 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ 81 KB
30 KB 183ms
47ms Script
text/javascript 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady23310502

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

144a41a55929f9b9806a2e13516f977886182d0f962b51ba77513ed090a374e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29870
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 19:43:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Thu, 02 Feb 2023 14:21:41 GMT

GET
H/1.1 200
OK player-style-ad5233f92eb6f9be19d0.css
d2c8v52ll5s99u.cloudfront.net/player/ Frame C419 90 KB
13 KB 96ms
20ms Stylesheet
text/css 13.32.11.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-ad5233f92eb6f9be19d0.css
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady23310502
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1412791fc3e8ede20785df7b4856ac7452464af2e797beb0859adb07771fdc84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 04:22:33 GMT
Content-Encoding: gzip
Via: 1.1 de9b04903710e9099bfc75aaf59c8eda.cloudfront.net (CloudFront)
x-amz-version-id: 2cg9.WiNIDIrJGZmK_WaO3At3S9.Q45s
X-Amz-Cf-Pop: VIE50-C2
Age: 2195358
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 12947
Last-Modified: Fri, 02 Sep 2022 18:44:44 GMT
Server: AmazonS3
ETag: "ea430c2406991ae5498deee90d363e49"
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=63072000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: WnTNDvKWGZnXJ5QdTezIcQL8SEvoM8rvQaI1SJzYVJg6b39s70nL0w==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1 200
OK main-71a56a201b348fe616bc.js Show response
d2c8v52ll5s99u.cloudfront.net/player/ Frame C419 960 KB
251 KB 99ms
23ms Script
application/javascript 13.32.11.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-71a56a201b348fe616bc.js
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady23310502
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd3351dc69753f565581887b2020aa802ee2a5be1679c85957c3ca33bfe49360

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 00:50:49 GMT
Content-Encoding: gzip
Via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
x-amz-version-id: iAF9YwX7Ti_uah4NCg1JRvC7H73CuEFA
X-Amz-Cf-Pop: VIE50-C2
Age: 1776063
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 256374
Last-Modified: Wed, 11 Jan 2023 21:23:06 GMT
Server: AmazonS3
ETag: "2f540a94c301d5f28e17d96b39f41d04"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=63072000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: KL9tk3YB9EpFpmv15yGlDiZDio-ovWM-mHTluQYDkVZ3_qWyeZ4dFg==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
BLOB 200
OK 2a94bd82-2480-47e5-b0a6-8b2a9e9a8164
https://arstechnica.com/ Frame C419 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/2a94bd82-2480-47e5-b0a6-8b2a9e9a8164
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 25ms
24ms Image
image/png 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Sat, 04 Mar 2023 14:11:52 GMT
date: Thu, 02 Feb 2023 14:11:52 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1673369415.187551"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 990 B
1 KB 27ms
25ms Image
image/svg+xml 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Sat, 04 Mar 2023 14:11:52 GMT
date: Thu, 02 Feb 2023 14:11:52 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
330 B 412ms
94ms Fetch
text/plain 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=16ce2f3ca8f3260544435db0f6082bcf_6817_1675347111827&tm=1297&eT=0&widgetWidth=1220&widgetHeight=235&widgetX=190&widgetY=4442&wRV=2010130&pVis=1&lsd=-1&eIdx=&ccpa=1---&cnsntV2=CPmjeIAPmjeIAAcABBENC1CgAAAAAAAAAChQAAAAAAJBAHoAAgADQAOAA8AC4AHwAWgA-ACMAEkAKAAWwAxAB_AEWAJEAXwA1ABtADiAHIAOcAdQA-QCBgEHAJEAT8AoYBSwDCAHVAPQAhsBD4CLwEegJCAStAmwCbQFNgKvAWEAuIBdAC6gF2gLyAYFAw8DEAGLAMhAZQA0IBowDSgGpgNdAbQA24BugDggkEUABAAC4AKAAqABkADgAHgAQAAwABlADQANQAeQBDAEQAJgAT4AqgCsAFgAN4AcwA9ACEgEMARIAjoBLAEuAJoAUoAtwBhgDIAGWANkAd8A9gD4gH2AfsA_wEAgIuAjEBGgEcAJSAUEAp4BVwC5gGKANYAbSA3ADeAHyAQ6AkQBMoCdgFDgKRAU0AsUBaAC2AFyALvAXmAwYBhIDDYGRAZIAycBlwDOQGfANIgawBrIYBIAAYABYADgALgBGACSAE-AKgAqgBbADEAG8ARYApABpQDUANUAcQBLQClgGyAOoAhsBF4CQgEtAJsAUOApsBYgC4gGBAMPAYsAyMBoQDXQG6BoDwAVgAuACGAGQAMsAbIA7AB-AEAAIKARgAp4BV4C0ALSAawA3gB1QD5AIdARUAkQBOwCkQFyAMJAYwAycBnIDPAGfCAEQABgAFgAOAAuADUAIwASQAngBVAC2AGIAN4AiwBSADUAHEAPkAkQBLQClwG4AbwBDYCLwEhAJaATYAocBcQDAgGHgMWAaEA10BugiAuAFYAQwAyABlgDZAHYAPwAgABGACngFXANYAdUA-QCHQEiAJ2AUiAuQBhIDJwGcgM-FQFAAKABDACYAFwARwAywB2AEcAKvAWgBaQDeAJBAWwAuQBeYDIgGcgM8AZ8A3IUAVADEAJkAUgAyoBqAGqANoAcQA5AB4AEFAJaAUsA6oCPQE2ALEAYEAw8BmgDQoGuga8MALgA1ADEAJkAUgAygBqADaAHEAOQAeABLQClgFiAOqAj0BJwCbAFiALyAYEAw8BoQDXRkBAAIYATABHADLAHYARwAq4BWwDeALRAWwAvMBkQDOQGeAM-HAZQABAAGAARAA4ADwALgAfABaADmAH4AggBGACgAFsALoAXwAyABoAD-AIQARwAkQBOgCkgFkAWYAvgBlgDSgGoAaoA2gBxADkAHOAOoAdgA7gB8wEAAQWAg4CEAERAJEASoAloBNoCfAJ-AUsAqABWQC9QGAAYEAwgBmQDWAGvAN4AccA6QB1QDyAHoAPkAhABDcCHwIgAREAj0BIQCVgExAJlgTYBNoChQFIAKTAUwApsBUwCqgFXwK2ArsBZQC0AFpALUAXFAugC6gF7AL6AYFAw8DEAGLAMhAZQAy8BoUDRQNGAaUA00BqcDXQNeAbQA2wBtw6CsAAuACgAKgAZAA4ACAAF0AMAAygBoAGoAPAAfQBDAEQAJgAT4AqgCsAFgALgAYgAzABvADmAHqAQwBEwCWAJgATQAowBSgCxAFvAMIAw4BkAGUANEAbIA3wB3gD2gH2AfoA_4CLAIwARwAlIBQQCngFXALFAWgBaQC5gF5AMUAbQA3ABzoDpgOoAh0BFQCLwEggJEASoAnYBQ4CmgFWALFAWwAuABcgC7QF3gLzAYMAwkBhoDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNYAbGQAbgAIACCAF8ANAAfwBIgCkAFkALcAXwAy4BqAGqANoAcQA5ABzgDsAHgAQUAnwBQwClgFZALEAYAAwgBmQDeAHVAO2AegBD4CPQEhAJOgTYBNoChQFIAKTAVsAtoBdAC8gF7AMCAYeAxIBmgDQgGigNKAamA10BtgDbiEDMABYAFAAMgAuABiAEMAJgAVQAuABiADMAG8APQAjgBYgDCAGUAN8Ad4A-wB_gEcAJSAUEAp4BV4C0ALSAXMAxQBtADnAHUASCAkQBKgCmgFigLRAWwAuABcgC7QGRAMnAZyAzwBnwDRAGkgNLAcASAWgACAAMAA4AC4AOQAqABfADIAG8AQgAkQBSACygFyAXwAywBpADUAG0AO4AgABBwCEgEtAJ8AVAArIBrwDeAHVAPsAlYBLUCbAJtAUmAqkBZQC0gF7AMPAYiAxYBoQDSgGugNyJQMAAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABiADNAIYAiQBHACjAFKALcAYQAygBsgDvAH4ARwAp4BV4C0ALSAYoA3AB1AD5AIdARUAi8BIgCxQFsALtAXmAyIBk4DLAGcgM8AZ8A0gBrADgCgEwAAQABgALgAfABaADkAH4ARgAqABWAC-AGSAN4A5ACEAEcAJEATIAnQBSACygFyAXwAywBpADUAG0AOIAc4A6gB3ADwAHyAQAAg4BCQCKgEiAJaATaAnwCfgFDAKWAVkAsQBdQDAQGEAYoA14BvADqgHbAPIAegA-QB_wEegJiATLAmwCbQFIAKYAU2AqYBWwCuwFoALyAX0AwIBh4DFgGhANEAaVA1IDU4Guga8A4IpA-AAXABQAFQAMgAcABBADAAMoAaABqADyAIYAiABMACeAFIAKoAWAAxABmADnAIYAiQBRgClAFiALcAYQAygBogDZAHfAPsA_QCLAEYAI4ASkAoIBVwCtgFzALyAbQA3ACHQEXgJEATsAocBYoC2AFwALkAXaAvMBhoDGAGRAMkAZOAy4BnIDPAGfQNIA0mBrAGsgNjAA.YAAAAAAAAAAA&cheq=0&rtt=489&oo=true&lo=1540&odbreq=2593&odbres=3081&cet=4g&to=1675347108904&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 02 Feb 2023 14:11:52 GMT
Access-Control-Expose-Headers: content-range
X-TraceId: 43420d0cd29b968d3321581d29aaec91
Content-Length: 2
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H2 200 clip.js Show response
widgets.outbrain.com/nanoWidget/2010130/module/ 2 KB
1 KB 25ms
24ms Script
application/x-javascript 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2010130/module/clip.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 84b62bcb66fe629c3776eb5873461c2a9ee08e0eeaf619c11c678acb343a7bc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Thu, 02 Feb 2023 14:11:52 GMT
content-encoding: gzip
content-length: 709
last-modified: Wed, 01 Feb 2023 13:35:09 GMT
server: AkamaiNetStorage
etag: "b7b09d43c7fc09175304c70507402f7d:1675260290.69205"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Thu, 09 Feb 2023 14:11:52 GMT

GET
H2 200 eyJpdSI6ImZmMzFmZjI2Y2Q3MDZhYmU5MmEzYWFhM2NhMGY4ZmNkM2M1ZTJjMWRlNjhhMzgwMmU0MGFmMjEyYzg2ZGQ4OWMiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 262 KB
262 KB 149ms
19ms Image
video/mp4 23.62.221.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZmMzFmZjI2Y2Q3MDZhYmU5MmEzYWFhM2NhMGY4ZmNkM2M1ZTJjMWRlNjhhMzgwMmU0MGFmMjEyYzg2ZGQ4OWMiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.221.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-221-169.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:52 GMT
last-modified: Fri, 13 Jan 2023 05:34:33 GMT
access-control-allow-methods: GET,POST
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=2211429
access-control-allow-credentials: false
x-traceid: 8a5e336a730f7b24cb16a3ac36f19d8d
timing-allow-origin: *, *
content-length: 268312

GET
H2 206 eyJpdSI6ImZmMzFmZjI2Y2Q3MDZhYmU5MmEzYWFhM2NhMGY4ZmNkM2M1ZTJjMWRlNjhhMzgwMmU0MGFmMjEyYzg2ZGQ4OWMiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 262 KB
263 KB 190ms
61ms Media
video/mp4 23.62.221.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZmMzFmZjI2Y2Q3MDZhYmU5MmEzYWFhM2NhMGY4ZmNkM2M1ZTJjMWRlNjhhMzgwMmU0MGFmMjEyYzg2ZGQ4OWMiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.221.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-221-169.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f8aaabc63b3ccba5cf6167ac37a490c4f63c35900b7fc6522d83e73fcf788bfa

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 02 Feb 2023 14:11:52 GMT
last-modified: Fri, 13 Jan 2023 05:34:33 GMT
access-control-allow-methods: GET,POST
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-268311/268312
cache-control: max-age=2211429
access-control-allow-credentials: false
x-traceid: 8a5e336a730f7b24cb16a3ac36f19d8d
timing-allow-origin: *, *
Content-Length: 268312

GET
H/1.1 200
OK sf-ui-display-medium-webfont.woff2
d2c8v52ll5s99u.cloudfront.net/assets/fonts/ Frame C419 29 KB
30 KB 484ms
448ms Font
application/font-woff2 13.32.11.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/assets/fonts/sf-ui-display-medium-webfont.woff2
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-ad5233f92eb6f9be19d0.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3

Request headers

Referer: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-ad5233f92eb6f9be19d0.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 4fcd504c9be280bceae32e94ae54e04e.cloudfront.net (CloudFront)
Date: Thu, 02 Feb 2023 14:11:53 GMT
X-Amz-Cf-Pop: VIE50-C2
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 29632
Last-Modified: Mon, 26 Jun 2017 15:24:42 GMT
Server: AmazonS3
ETag: "7d18db04f980971f2a9c5026bbc34bed"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=63072000, public
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Accept-Ranges: bytes
X-Amz-Cf-Id: SfdWlbwb-6Yg-IDSySdu2WJ9OBLWrmUQ9tG7Yeen_b-t4I0CGHJ8PQ==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H2 200 bridge3.554.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3BA9 694 KB
222 KB 48ms
47ms Document
text/html 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.554.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31267
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227392
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 05:30:45 GMT
expires: Fri, 02 Feb 2024 05:30:45 GMT
last-modified: Wed, 01 Feb 2023 19:39:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame C419 44 KB
17 KB 278ms
112ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Feb 2023 14:11:52 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame C419 106 KB
28 KB 28ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-71a56a201b348fe616bc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 02 Feb 2023 14:11:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: TwG49vv/UCxvc/e/eEXnws9aBppuDYKUQHm20ZbXDhzo98OljNRZ/oNkEEkb4Z4Qkn6RhGgbvZDloAkDfD3Mzg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame C419 48 B
48 B 467ms
104ms Image
image/gif 52.20.148.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2023-02-02T14%3A11%3A52.042Z&_c=&_t=Player%20Requested&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2016%2F07%2Fafter-hiatus-in-the-wild-mac-backdoors-are-suddenly-back%2F
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.148.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-148-9.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 02 Feb 2023 14:11:52 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame C419 50 KB
51 KB 10ms
9ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 13:56:16 GMT
X-Content-Type-Options: nosniff
Via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 939
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 51500
Last-Modified: Tue, 25 May 2021 15:04:45 GMT
Server: Cloudinary
ETag: "1631177d1131925333a3b2b652f3d8b2"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: XoElFtLfqwFfoBYE-IjU6aavi8EfIlaSWjHPuJuep_Ue3pvKAAsHlw==

GET
H/1.1 200
OK onetag Show response
assoc-na.associates-amazon.com/ 64 B
459 B 111ms
111ms XHR
application/json 52.94.243.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assoc-na.associates-amazon.com/onetag?src=330&pj=%7B%22tracking_id%22%3A%22arstech20-20%22%2C%22assocPayloadId%22%3Anull%2C%22refUrl%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2016%2F07%2Fafter-hiatus-in-the-wild-mac-backdoors-are-suddenly-back%2F%22%7D&u=https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Requested by

Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.243.89 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

e73c0a4635bae31b4eb58d714fe767849bdb503b93bcfe3a139501c2b9a991b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 14:11:52 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: K0CQRF94F4M9R56043JV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://arstechnica.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 64

GET
H/1.1 206
Partial Content 1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame C419 1 MB
0 79ms
18ms Media
video/mp4 18.66.15.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-86.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 02 Feb 2023 04:51:16 GMT
Via: 1.1 127e1ddb6224f10ae9e484392afd1b6c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-P1
Age: 33770
X-Cache: Hit from cloudfront
Content-Range: bytes 0-2480938/2480939
Connection: keep-alive
Content-Length: 2480939
x-amzn-internal-status: 206
Last-Modified: Mon, 24 May 2021 13:51:20 GMT
Server: AmazonS3
ETag: "580642a938142bddde48207109f78d2b"
Vary: Accept-Encoding
Content-Type: video/mp4
Accept-Ranges: bytes
X-Amz-Cf-Id: ecpCMSDktBQ4MCmoDxwoafi1S8szEnay5ct8HZi_EtkRB5D3v7-Ahw==

GET
H/1.1 206
Partial Content 1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame C419 1 MB
0 80ms
19ms Media
video/mp4 18.66.15.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-86.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 02 Feb 2023 04:51:16 GMT
Via: 1.1 8fc54d3acff9539327f4d7a6bf40a31e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-P1
Age: 33770
X-Cache: Hit from cloudfront
Content-Range: bytes 0-2480938/2480939
Connection: keep-alive
Content-Length: 2480939
x-amzn-internal-status: 206
Last-Modified: Mon, 24 May 2021 13:51:20 GMT
Server: AmazonS3
ETag: "580642a938142bddde48207109f78d2b"
Vary: Accept-Encoding
Content-Type: video/mp4
Accept-Ranges: bytes
X-Amz-Cf-Id: b34oL2axNG5ul0tbUdxvDjqfUyClGVgTSOOryieHJ9qVlZC3obniMA==

GET
H/1.1 200
OK 1c5e052d-9221-44ad-9785-4ca784ceb60dmanifest-ios.m3u8 Show response
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame C419 918 B
1 KB 59ms
17ms XHR
application/x-mpegurl 18.66.15.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dmanifest-ios.m3u8?videoIndex=0&requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-71a56a201b348fe616bc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-86.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 005f315d6f7cf50f04161a51e17287b5040b513267560b083a3cf39d0b892ba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 08:05:04 GMT
Via: 1.1 6183f44271d091c21804d467f8a4ce20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-P1
Age: 22190
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 918
Last-Modified: Mon, 24 May 2021 13:49:14 GMT
Server: AmazonS3
ETag: "4300fd3b9bba40f219ea54c572764fe0"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Vary: Accept-Encoding,Origin
Accept-Ranges: bytes
X-Amz-Cf-Id: D65qZSJnpIC4BkAjqk3ow0zJzvr9oo1gMsBz-IM-NgWB4JV5upfA0g==

GET
BLOB 200
OK 108d529f-56d9-4e52-894d-1c862e79ab04
https://arstechnica.com/ Frame C419 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/108d529f-56d9-4e52-894d-1c862e79ab04
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c13013a43a53069eb70d8b9f04a77439a5276bac9ac6ebff214062183259407

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 4973
Content-Type: application/javascript

GET
BLOB 200
OK 42416102-5713-4717-8b6f-68da83f4ac81
https://arstechnica.com/ Frame C419 68 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/42416102-5713-4717-8b6f-68da83f4ac81
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4a392b07d47424fe77fc4a24119ad08f8b3f9ee05061949350aa40f0e645af9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 70012
Content-Type: application/javascript

GET
BLOB 200
OK 3f268e09-6de7-4af3-9dcc-97f66a8caf49
https://arstechnica.com/ Frame C419 68 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/3f268e09-6de7-4af3-9dcc-97f66a8caf49
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4a392b07d47424fe77fc4a24119ad08f8b3f9ee05061949350aa40f0e645af9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 70012
Content-Type: application/javascript

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame C419 50 KB
51 KB 46ms
24ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-71a56a201b348fe616bc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 13:56:16 GMT
X-Content-Type-Options: nosniff
Via: 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 939
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 51500
Last-Modified: Tue, 25 May 2021 15:04:45 GMT
Server: Cloudinary
ETag: "1631177d1131925333a3b2b652f3d8b2"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: GA9zCxoOGPmrZ9cBHoQqpLutPMEWLrSiQrxdn5EYxUf0vDmhsDXLcw==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame C419 50 KB
51 KB 13ms
11ms Image
image/jpeg 65.9.58.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2016/07/after-hiatus-in-the-wild-mac-backdoors-are-suddenly-back/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-187.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 02 Feb 2023 13:56:16 GMT
X-Content-Type-Options: nosniff
Via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Age: 939
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 51500
Last-Modified: Tue, 25 May 2021 15:04:45 GMT
Server: Cloudinary
ETag: "1631177d1131925333a3b2b652f3d8b2"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=14400
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: rFFXm2DNFxC72DmvJPGgNjCQALi7t7LUHuquXJ238sy2QcPMLQvvGQ==

GET
H/1.1 200
OK 1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768.m3u8 Show response
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame C419 11 KB
1 KB 46ms
45ms XHR
application/x-mpegurl 18.66.15.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768.m3u8
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-71a56a201b348fe616bc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-86.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fb846048afd0ee79141b669572402fc0a024d937c00977e124405d11cd319fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 06:37:59 GMT
Content-Encoding: gzip
Via: 1.1 6183f44271d091c21804d467f8a4ce20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-P1
Age: 30263
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 24 May 2021 13:54:58 GMT
Server: AmazonS3
ETag: W/"cc4f278863bddb064b3e70268d5f02f8"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Vary: Accept-Encoding,Origin
X-Amz-Cf-Id: stPKiKjQ5EIkKzhlOjQz1JykoZFlDaoyszGxDBMMjz6cgRHcP9ECcA==

GET
H/1.1 200
OK 1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768-00001.ts Show response
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame C419 821 KB
805 KB 21ms
20ms XHR
application/x-mpegurl 18.66.15.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768-00001.ts
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-71a56a201b348fe616bc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-86.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e944e6d1b0904bc0c1298fe828ec727bc6a9b46f0b4799e197a1a2acc46fb685

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:44:25 GMT
Content-Encoding: gzip
Via: 1.1 6183f44271d091c21804d467f8a4ce20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-P1
Age: 41356
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 24 May 2021 13:54:44 GMT
Server: AmazonS3
ETag: W/"9c6e79c618e52ccae61fce8e62e8cd50"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Vary: Accept-Encoding,Origin
X-Amz-Cf-Id: vYorBnoLqrOnMXhWFiDmFjebWispcWPa2iwBZjiTXMl0cr5CnZmYRw==

GET
H/1.1 200
OK t Show response
elsa.memoinsights.com/ 105 B
347 B 110ms
110ms Script
application/javascript 34.197.246.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://elsa.memoinsights.com/t?pid=62012a7a19351c07620394e0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2016%2F07%2Fafter-hiatus-in-the-wild-mac-backdoors-are-suddenly-back%2F&author%5B%5D=Dan%20Goodin&title=After%20hiatus%2C%20in-the-wild%20Mac%20backdoors%20are%20suddenly%20back&date=2016-07-06T21%3A27%3A37Z&referrer=&ref_url=&page_url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2016%2F07%2Fafter-hiatus-in-the-wild-mac-backdoors-are-suddenly-back%2F&cb=MEMO.API.callbacks.cbwbpvrns&v=v3.0.6&t=5000&e=5000&s=0
Requested by: Host: cdn.memo.co
URL: https://cdn.memo.co/js/memo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.246.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-246-141.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 6429fd19633081a67479e728e752b32990e31942743e31d893737bd8e8d6d6dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:11:56 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 105
x-request-id: fb050c64c815edd0dababd2349b09032
content-type: application/javascript

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.arstechnica.com/	1970-01-20 11:32:03	Name: ars_user Value: 0%2CGuest
arstechnica.com/	1970-01-20 18:08:03	Name: usprivacy Value: 1---
.arstechnica.com/	1970-01-20 09:22:27	Name: session_seen_posts Value: 0
.arstechnica.com/	1970-01-20 10:05:39	Name: seen_posts Value:
arstechnica.com/	1970-01-20 18:08:03	Name: __srret Value: 1
arstechnica.com/	1970-01-20 10:00:28	Name: CN_visits_m Value: 1677628800095%26vn%3D1
arstechnica.com/	1970-01-20 09:22:28	Name: CN_in_visit_m Value: true
arstechnica.com/	1970-01-20 18:08:03	Name: OneTrustWPCCPAGoogleOptOut Value: true
.arstechnica.com/	1970-01-20 18:08:03	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Feb+02+2023+14%3A11%3A51+GMT%2B0000+(GMT)&version=202211.2.0&isIABGlobal=false&hosts=&consentId=0a3f17e8-85d4-4094-a097-c2951e556adf&interactionCount=0&landingPath=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2016%2F07%2Fafter-hiatus-in-the-wild-mac-backdoors-are-suddenly-back%2F&groups=C0001%3A1%2CC0003%3A0%2CC0004%3A0%2CC0002%3A0%2CSTACK42%3A0
arstechnica.com/	1970-01-20 18:08:03	Name: __srui Value: 8a2d94bd-a303-11ed-a192-12cac48ffbc9
arstechnica.com/	1970-01-20 11:46:27	Name: cneplayercount Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cnevids.com
api.condenast.io
arstechnica.com
assoc-na.associates-amazon.com
c.amazon-adsystem.com
capture.condenastdigital.com
cdn.arstechnica.net
cdn.cookielaw.org
cdn.mediavoice.com
cdn.memo.co
connect.facebook.net
d2c8v52ll5s99u.cloudfront.net
dp8hsntg6do36.cloudfront.net
dwgyu36up6iuz.cloudfront.net
elsa.memoinsights.com
geolocation.onetrust.com
images.outbrainimg.com
imasdk.googleapis.com
js-sec.indexww.com
mb.moatads.com
mcdp-nydc1.outbrain.com
odb.outbrain.com
p.skimresources.com
player.cnevids.com
plugin.mediavoice.com
polarcdn-terrax.com
px.moatads.com
r.skimresources.com
s.skimresources.com
s0.2mdn.net
securepubads.g.doubleclick.net
t.skimresources.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.googletagmanager.com
www.googletagservices.com
z-na.associates-amazon.com
z.moatads.com
13.224.189.89
13.32.11.75
13.42.74.150
151.101.64.239
151.139.128.10
172.64.151.162
18.165.205.133
18.188.231.255
18.66.15.86
18.66.23.213
199.232.18.132
205.234.175.175
23.203.125.127
23.203.125.62
23.62.221.169
2606:4700::6810:9440
2606:4700::6811:4032
2606:4700::6812:1b55
2606:4700::6813:d983
2a00:1450:400d:802::2002
2a00:1450:400d:806::2002
2a00:1450:400d:80a::2006
2a00:1450:400d:80a::200a
2a00:1450:400d:80e::2008
2a03:2880:f01c:8012:face:b00c:0:3
3.224.52.77
34.197.246.141
35.190.59.101
35.190.91.160
35.201.67.47
52.20.148.9
52.222.139.61
52.94.243.89
64.202.112.191
65.9.58.187
005f315d6f7cf50f04161a51e17287b5040b513267560b083a3cf39d0b892ba8
0186840386391fa2c0750ff7450a78e066498ba3274546a6fcf0fa9c55cd457c
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
030e91b7512dbb40e9b9057f20bcf54c296a7f28c04bbcde0f2d2706dd2a3a06
0396be2ab58ec30babd0838d7e37d6407475d4361be85ee7451dbac9186add57
039f13cdf684666dd973e2385f773385adb074039e8a832ec48e1ae35fb20c15
06b33c040105224101afcdaacd82b6dfb3ea1bf9ef3d7478cf5fa163a0ad65e0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08ed3bf6e73a999bafb422b878fb05b87269b00a65230c9457ce75aee10b873e
0b5c6a8d4a856db56da956eced8af9a5eb6e0a89dc67de5ffc4c83513472a3cc
1097abb6f0992cccc79428374463e7f23b99dae5eb85d7317b20bd57c96031bb
1193e934b76ed372f47e23f78f8a13e99d9588e564aff866e8f700e7a0650a83
129d9d61199f04b6d1fa1f935343bf9d2e59917e9a8d84bc7dba1307b6db56b5
13f590aedf195578255e3362cd25fbc0e6e4c615b988bfc10bf32ea6f56b31f7
1412791fc3e8ede20785df7b4856ac7452464af2e797beb0859adb07771fdc84
144a41a55929f9b9806a2e13516f977886182d0f962b51ba77513ed090a374e0
15ac550babcd12bf0cd1c7362e4aadc9fd32800edd7f3082a2c3bbad7240a2eb
16708dda2536b4b3782313db4a6ec8456cd84da7ae0f56d7d2455e68fc9bc4f0
16f86804dd013db340fee4020a539d3e9d6e5a03d6841e431e50c428e99c26e8
1bf55bc00dbf13180884211c3d301729e67b81f3456225c1fbf97d271d636509
1c7dcc8216c6f82da2998ceeac2523632c7f9bffe510824b6d082621201f2012
1defb6bc54a7ee9c066136908360e8455c23ee9ad0dec9924e7255d7948cd4be
1f466b08649eef5ad16c20f6d7207bf8818cb107b6241950dbc568cdffc03d63
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
1f9cd4a445ba85172da6090dd7b95edf55fd9e81ddb193e0b78093c1afa84378
20660a9ef7ec454c15b2dc62b3db084e0cc9f74c5bb6de71a96fb1a54aef00f8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27348ba4b98bd80f1038496ec5dea6ad865680540058fb085b8ca199b8aaf4c5
29637e0647104ccc5d5583e652db29ce99e947c858c3d9502960e7ea7f1aea19
2b966386db7e5598dc99aae1c9e22fc86b37017d7b99c4a8f0eb5b636bf52d5f
2c13013a43a53069eb70d8b9f04a77439a5276bac9ac6ebff214062183259407
2fffd9fce9c89815f9283c61cd0eb0e9563df67815c7e3065b69198e7390cd49
325e553a1a864e32b6c0a9395991cca0a153307e79db324805d6d12c7472f204
35e42bec2d0ab0cca4aef3e872157a05923e3644c94a5dce9d59853efff2f0bb
35e753bb6d985c6caacc05d79f9943d510c3667ee639acf6bbda0276f5218a8c
3b0209841325362235c221628e471145726897e4e1c9b210b6e6b2217fdf2ee8
3c4f86e9ccc5e942b4003bd9fed721d599fdeb7bcc1a2db63a95cba24de5f828
3ce7e824185893264ab44fbf8370a8f1262831c4c6c367b15f7d4f1e88fadc8c
3f2cf5f857c617761a251ceef8f6ed452a7690e21f16eff0a70dddf9beea8633
453c9b81e2ca20c285d3a1406ea41d72f3cca42ad9fc58b0c6c43fa64da55b8c
45a4411c6ab80a3d9e3b6b7a75bccc1619ac83f94767ba868d2234478834c8e9
46a9ddb1f206a46900872e0a832750ae06925528f81883a3d3517fdb42aefb6d
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
49282a74c6ced31e99f808232188ade8d82652004df4d664dcdb98c32563dd39
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
4980853759711c8e9e2779239acd62e9e802fba38371763c65ecdd016a83fdbd
4bc7f443f57d55c7eba98816a3d1054bdcee0cc74f4c1302f82056d118f141bb
4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105
4d7b91ed4a7804e22b94e4873af273def73469e80b740bd9787e287003058868
4ec4b6769730ca98db1f40b152c52bd5bec01f61f559fb92709c307750388ac8
4fb846048afd0ee79141b669572402fc0a024d937c00977e124405d11cd319fe
5315cf641e62ac7de4a82e6003cc1bd1ff09218400d8ff5286c951e25aee966b
5389ad78a284c909eebb778f0fc0b51d8451a283c323d60dcaf8a5090b165d6f
5634160b5779452c237d49e24be812637f98f9d7f64b1f4115e3ad786cacf48c
56d57599ab283565f3bd5700beb538b25f890f0ff2205e5f7050c18356a6b354
56f8838a24cb0cc47dc34a19d6b84d6ce8bf8086b1682bbb990abc13b1e2da65
571479d52cd675db5573fe46973c62cba6d8224a76136fcefeb90f7dc42a6391
5ab499494548829e507e9b6cd57247a6cd565e7f1bc6eb55e3da445af76f1f0c
5be5b0170ad4bbd2be91182d137933e7de9c7e86b09ec855a4bac015ebfd746f
5e949e0ba546cccd944b7fc64ebc3f97123638dd1b3af8eec5732cd599c2ed46
603cba3126c79f1f2573a8c2c7895dd4e16aafcadcd6b251760263f4784a54d3
617e0f9fee7ef0ca891735246b4b5a61caa3622db4a4256685b061c9f43bd053
62c7d2da9a5942053f17c9756e53b7cda414541619bd35c2b1441cd88c77f235
6429fd19633081a67479e728e752b32990e31942743e31d893737bd8e8d6d6dd
6570d5aeddcdc8896db45d20ceaa165df3c35eb002a1984f84ba995bbcfb1f46
659d6abc4b4a426aedfc53cae288c81e75300b11692932c244f2966a27c9b172
6f261533d4b74ae931965cf3609bf47bb55001e39eb7029502d96cec73c4749a
6f74204730db3b573745df85297ddfab4c34974f46406d1bb8691035c1687cef
7364fcbb6c5d775f07816712af8a6419db99268f72c337a4977f706dc3423bb3
7475f5c70d3b6020b6f4621b2e69fba3360bea00a913e60b085af165b93842ec
760577261d75b1724a53825766138cc52ea09676703fdb4046cbf2ecb2508b74
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77dce0667b5d38b6e4ed4d244cc7abca21881f572ffb00a7efa6d9e6112adbb7
78c8c364b438f0be81f1c51627902fda95b7aebdd2c04aee28c2f72cd4390207
7d91c04c657709af03f6dad61d375c3208d18ab5ff7851c2472007dc05201342
7fc88c65d46e83b3f3e9f098f05fd639480332fc3718cd714725e2e4633af4e8
807271433f80bb33654a84ec904035be3d2b34e505a051e3469a47fe39ccb752
8261aabd72b0748f420d7c688de90a530a77afacf654765e0b2ed1b010913237
82cd1a97f81e5b63a621311be2993916eea0907b5eadd53bb6b280f4bb0f8391
83a366075eb2387c6d9f848f42b08df0546027333eccf5813edf95ba45709be2
83f8393c6593831a76ea84324c946029082b5c72507176c13387468d21c651ff
84b62bcb66fe629c3776eb5873461c2a9ee08e0eeaf619c11c678acb343a7bc9
85c33811c2b04e4e02babe2fd6bd7ac0035f93e95827116429bbda2cf9c6c95d
85db95dbe15c810a710ca6d9094a2a29f2eeea05791cc7aaab7af8939684b978
86096831a70c72ac0c08f5e65ae92d98330d9fd2b7511dde65ff50b8a16bfd9a
88082e2436305c53b9849eab602898e4d5b728b68c2439cbfad581846fd32cdf
8b1270ab80a148ddb97a92b941c80afa4b8ebc6afc458d8b60a3d4d75bf4f45d
8b72952d3fd656ee6594f0d9735d928113ad1d590705b14f77abf75f1d4d5d69
8dc40a5096530714279199bd98ffbe44f3108bf9dd183ec74d85f69705d86e25
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
93eab16bed0ee56de0a1e3a308e02cb8a889a9ef504e0f0b4adb6f256c86c8b7
9431bc6d1a6d036a70c92dfc9000d7965f939671a59705bdd01c3e652048ed9a
955b9b17b7026556cd56b930022432a32162403a0044cb4e54bc2570116be3fc
9933997608e86beaf1e7f7188a5c657cdad8ccd9d20eb7b1a46adaa83fa850ab
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
a2bd43c80adc73ae26472a90ec3bd9df44a5b7d2dafb133b8660efd800c719b1
a3a1045bdd4556d83b740335475f60da908d6b0420b78c7688e03943ead2d988
a3dafdf35cfd530b032a51aba82cdc8dc4aa22452b197b9c560576254be5bab5
a4a392b07d47424fe77fc4a24119ad08f8b3f9ee05061949350aa40f0e645af9
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
aa3b9513abbbf65a2c8483122648fce1b39b1afa2a69bdf863242f1411baba58
c08471d744ad2863aea7c8c6413a59ca47b1d29a2bcea0a8cae39ee28f8de400
c14a030b0b5ef06f710d9bbff164662d4b43c037e62f254aa6280504013caa34
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c21029f21dc145723d40362da85504ee5a5bd33f5db6636beae3a01c7aba1fa2
c2864bf3ca82a5e7f9cc6e96e40dc32665faea6bb959d04686ba2155ccba3c29
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
c78d2b7df526e0cb0e36efbe958b671405735e4d332971ef4a22f047d7e812ec
caa3854f28740fa98125ded826446ee4456379e8ad7c4ff46643347d1901506a
cb52c9b5c6b4f30eb9580d4414ecd97d408ffb0579fc9792f379da7e9e43221c
cc063466fc42fe1b789888a932cc7f3a8bdde1c2d70a8a04b4d9896975620da7
cd3351dc69753f565581887b2020aa802ee2a5be1679c85957c3ca33bfe49360
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3
d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa
d8f921c5de6c01d39a9d9a517b7d5eeddf22c68a73294ed2af5ef04747aa6cf6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de24551bd4396fc8579b2d87ce01944553dd48fb52775d14373725a50efa0c37
de5e37739b5797e8ba9dba4a2dcb65f37c36a65fe839cb306162e21c74ba166e
e336ff50623cff960c2396944be4392139f63dcc032e5f3428d81489fdfe697a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73c0a4635bae31b4eb58d714fe767849bdb503b93bcfe3a139501c2b9a991b5
e74b9cb9d8871d300d2a1d36ce2cd00dfbfe0c5d8066d1d415c4ce620a919d47
e8830a414dfeb4c0e0f519d3419f69849df9226f329357c938333dbf2c956f63
e944e6d1b0904bc0c1298fe828ec727bc6a9b46f0b4799e197a1a2acc46fb685
ed5a229ceb5b2fcc5c9d0e24ad73dd14e476d9e11bc97cea9a31f5bb6dc98e81
ef2ef4f0e453b0c430da6aca75ff768e3f95e45939c6668677e0b79ba15fee41
f8aaabc63b3ccba5cf6167ac37a490c4f63c35900b7fc6522d83e73fcf788bfa
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
f95836cdd8c1af1d8261e8e198a4c1dd306e2b50ddc389fe820b56212a9cb17d
f9d9e96c4439beeca49a1a10f9dffe6f5cd0b604d13aa13af170d0bc62d8ca1b
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

arstechnica.com Open in urlscan Pro 18.188.231.255 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

134 Requests

97 %HTTPS

29 %IPv6

25 Domains

38 Subdomains

36 IPs

5 Countries

4713 kBTransfer

12242 kBSize

11 Cookies

66 Outgoing links

Page URL History

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

arstechnica.com Open in urlscan Pro
18.188.231.255 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

97 %
HTTPS

29 %
IPv6

25
Domains

38
Subdomains

36
IPs

5
Countries

4713 kB
Transfer

12242 kB
Size

11
Cookies

134 HTTP transactions
9 data transactions