arstechnica.com Open in urlscan Pro
3.130.39.244 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://arstechnica.com/security/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Effective URL:
https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microso...
Submission Tags: falconsandbox
Submission: On April 25 via api (April 25th 2021, 11:59:58 pm UTC) from US

Summary HTTP 312 Redirects Links 66 Behaviour Indicators

Summary

This website contacted 69 IPs in 7 countries across 44 domains to perform 312 HTTP transactions. The main IP is 3.130.39.244, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is arstechnica.com.
TLS certificate: Issued by Amazon on December 29th 2020. Valid for: a year.

This is the only time arstechnica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	3.130.39.244 3.130.39.244	16509 (AMAZON-02) (AMAZON-02)
21	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
8	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	143.204.247.127 143.204.247.127	16509 (AMAZON-02) (AMAZON-02)
7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
13	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.33.139.102 13.33.139.102	16509 (AMAZON-02) (AMAZON-02)
5	13.32.21.36 13.32.21.36	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6813:da83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.250.155.89 34.250.155.89	16509 (AMAZON-02) (AMAZON-02)
5	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.85.138.43 3.85.138.43	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	3.224.128.70 3.224.128.70	14618 (AMAZON-AES) (AMAZON-AES)
1	52.73.123.163 52.73.123.163	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.192.239 151.101.192.239	54113 (FASTLY) (FASTLY)
1 2	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
2	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.234.45 143.204.234.45	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:4032	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.253.102.121 34.253.102.121	16509 (AMAZON-02) (AMAZON-02)
1	151.101.64.239 151.101.64.239	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	54.164.187.255 54.164.187.255	14618 (AMAZON-AES) (AMAZON-AES)
2	35.170.235.46 35.170.235.46	14618 (AMAZON-AES) (AMAZON-AES)
19	3.223.14.133 3.223.14.133	14618 (AMAZON-AES) (AMAZON-AES)
5	213.19.162.51 213.19.162.51	3356 (LEVEL3) (LEVEL3)
3	184.25.115.31 184.25.115.31	16625 (AKAMAI-AS) (AKAMAI-AS)
3	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
5	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
6	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
17	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	72.21.195.65 72.21.195.65	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0d::9a	15169 (GOOGLE) (GOOGLE)
6	52.18.54.41 52.18.54.41	16509 (AMAZON-02) (AMAZON-02)
2	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
42	13.224.194.40 13.224.194.40	16509 (AMAZON-02) (AMAZON-02)
7	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
8	13.225.84.169 13.225.84.169	16509 (AMAZON-02) (AMAZON-02)
2	64.202.112.127 64.202.112.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
3	52.207.120.193 52.207.120.193	14618 (AMAZON-AES) (AMAZON-AES)
1	50.31.142.191 50.31.142.191	23352 (SERVERCEN...) (SERVERCENTRAL)
2	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
23	13.225.87.13 13.225.87.13	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2 4	143.204.245.55 143.204.245.55	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	3.221.88.208 3.221.88.208	14618 (AMAZON-AES) (AMAZON-AES)
3	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
2	184.30.212.16 184.30.212.16	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	185.29.133.52 185.29.133.52	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 3	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
6 6	37.157.6.247 37.157.6.247	198622 (ADFORM) (ADFORM)
12 16	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
312	69

3 3.130.39.244 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-39-244.us-east-2.compute.amazonaws.com

arstechnica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.arstechnica.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.247.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-247-127.cph50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.139.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-139-102.cph50.r.cloudfront.net

fpa-cdn.arstechnica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.getpublica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.21.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-36.fra56.r.cloudfront.net

player.cnevids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:da83 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.mediavoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
plugin.mediavoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.155.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-155-89.eu-west-1.compute.amazonaws.com

segment-data.zqtk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.85.138.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-85-138-43.compute-1.amazonaws.com

api.cnevids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.224.128.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-128-70.compute-1.amazonaws.com

srv-1970-01-01-00.pixel.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.123.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-123-163.compute-1.amazonaws.com

fpa-events.arstechnica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.192.239 (United States)

ASN54113 (FASTLY, US)

pixel.condenastdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.59.101 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.234.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-234-45.cph50.r.cloudfront.net

z-na.associates-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4032 (United States)

ASN13335 (CLOUDFLARENET, US)

polarcdn-terrax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.102.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-102-121.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.239 (United States)

ASN54113 (FASTLY, US)

api.condenast.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.187.255 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-187-255.compute-1.amazonaws.com

infinityid.condenastdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.170.235.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-235-46.compute-1.amazonaws.com

4d.condenastdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 3.223.14.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-14-133.compute-1.amazonaws.com

capture.condenastdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.19.162.51 (United Kingdom)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.25.115.31 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-115-31.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.240 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

condenastus-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.195.65 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

assoc-na.associates-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.18.54.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-54-41.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 13.224.194.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-40.fra2.r.cloudfront.net

dwgyu36up6iuz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.225.84.169 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-169.fra2.r.cloudfront.net

d2c8v52ll5s99u.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.207.120.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-120-193.compute-1.amazonaws.com

wren.condenastdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.191 (United States)

ASN23352 (SERVERCENTRAL, US)

mcdp-chidc2.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 13.225.87.13 (United States)

ASN16509 (AMAZON-02, US)

dp8hsntg6do36.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.245.55 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-55.cph50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.221.88.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

usersync.getpublica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.212.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.133.52 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:36a9:ecb:e518:b308 (United States) 3 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.6.247 (Denmark) 6 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.181.226 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	cloudfront.net dwgyu36up6iuz.cloudfront.net d2c8v52ll5s99u.cloudfront.net dp8hsntg6do36.cloudfront.net	25 MB
27	condenastdigital.com pixel.condenastdigital.com infinityid.condenastdigital.com 4d.condenastdigital.com capture.condenastdigital.com wren.condenastdigital.com	22 KB
21	doubleclick.net 12 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net	111 KB
21	arstechnica.net cdn.arstechnica.net	840 KB
17	openx.net condenastus-d.openx.net Failed u.openx.net eu-u.openx.net us-u.openx.net	4 KB
14	rubiconproject.com 3 redirects fastlane.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	20 KB
14	moatads.com z.moatads.com mb.moatads.com px.moatads.com	277 KB
9	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com images.outbrainimg.com	56 KB
8	google-analytics.com www.google-analytics.com	20 KB
8	cookielaw.org cdn.cookielaw.org	174 KB
7	yahoo.com 1 redirects c2shb.ssp.yahoo.com ads.yahoo.com pr-bh.ybp.yahoo.com	4 KB
7	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-chidc2.outbrain.com	95 KB
7	skimresources.com 1 redirects s.skimresources.com r.skimresources.com t.skimresources.com p.skimresources.com	15 KB
7	cnevids.com player.cnevids.com api.cnevids.com	98 KB
6	adform.net 6 redirects c1.adform.net	3 KB
6	adsrvr.org match.adsrvr.org	2 KB
6	media.net prebid.media.net contextual.media.net	27 KB
6	adnxs.com ib.adnxs.com acdn.adnxs.com	55 KB
6	casalemedia.com htlb.casalemedia.com ssum-sec.casalemedia.com	10 KB
5	googleapis.com imasdk.googleapis.com	628 KB
5	getpublica.com sync.getpublica.com pbs.getpublica.com Failed usersync.getpublica.com	6 KB
5	arstechnica.com 1 redirects arstechnica.com fpa-cdn.arstechnica.com fpa-events.arstechnica.com	34 KB
4	mathtag.com 4 redirects sync.mathtag.com	2 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com	2 KB
4	googlesyndication.com pagead2.googlesyndication.com	25 KB
4	facebook.net connect.facebook.net	193 KB
4	indexww.com js-sec.indexww.com	20 KB
3	quantserve.com 3 redirects pixel.quantserve.com	1 KB
3	rlcdn.com api.rlcdn.com id.rlcdn.com	401 B
3	google.de ampcid.google.de www.google.de	1 KB
3	google.com ampcid.google.com www.google.com	705 B
3	associates-amazon.com z-na.associates-amazon.com assoc-na.associates-amazon.com	4 KB
3	amazon-adsystem.com c.amazon-adsystem.com	35 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	655 B
2	facebook.com www.facebook.com	452 B
2	2mdn.net s0.2mdn.net	33 KB
2	onetrust.com geolocation.onetrust.com	746 B
2	mediavoice.com cdn.mediavoice.com plugin.mediavoice.com	136 KB
1	condenast.io api.condenast.io	4 KB
1	polarcdn-terrax.com polarcdn-terrax.com	650 B
1	parsely.com srv-1970-01-01-00.pixel.parsely.com	229 B
1	zqtk.net segment-data.zqtk.net	396 B
1	googletagmanager.com www.googletagmanager.com	109 KB
1	googletagservices.com www.googletagservices.com	21 KB
312	44

	Domain	Requested by
42	dwgyu36up6iuz.cloudfront.net	arstechnica.com d2c8v52ll5s99u.cloudfront.net
23	dp8hsntg6do36.cloudfront.net	arstechnica.com d2c8v52ll5s99u.cloudfront.net
21	cdn.arstechnica.net	arstechnica.com cdn.arstechnica.net
19	capture.condenastdigital.com	arstechnica.com
16	cm.g.doubleclick.net	12 redirects u.openx.net eu-u.openx.net arstechnica.com
10	px.moatads.com	arstechnica.com
8	eu-u.openx.net	cdn.arstechnica.net u.openx.net eu-u.openx.net
8	d2c8v52ll5s99u.cloudfront.net	player.cnevids.com d2c8v52ll5s99u.cloudfront.net
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
8	cdn.cookielaw.org	arstechnica.com cdn.cookielaw.org
6	c1.adform.net	6 redirects
6	us-u.openx.net	u.openx.net eu-u.openx.net
6	images.outbrainimg.com	arstechnica.com
6	match.adsrvr.org	js-sec.indexww.com cdn.arstechnica.net u.openx.net eu-u.openx.net arstechnica.com
5	imasdk.googleapis.com	player.cnevids.com imasdk.googleapis.com
5	c2shb.ssp.yahoo.com	cdn.arstechnica.net
5	fastlane.rubiconproject.com	cdn.arstechnica.net
5	player.cnevids.com	arstechnica.com cdn.arstechnica.net player.cnevids.com
4	pixel.rubiconproject.com	arstechnica.com
4	sync.mathtag.com	4 redirects
4	usersync.getpublica.com	sync.getpublica.com
4	sb.scorecardresearch.com	2 redirects arstechnica.com
4	pagead2.googlesyndication.com	srcdoc imasdk.googleapis.com
4	connect.facebook.net	d2c8v52ll5s99u.cloudfront.net connect.facebook.net
4	widgets.outbrain.com	cdn.arstechnica.net widgets.outbrain.com
4	js-sec.indexww.com	arstechnica.com cdn.arstechnica.net
3	token.rubiconproject.com	3 redirects
3	ssum-sec.casalemedia.com	js-sec.indexww.com
3	pixel.quantserve.com	3 redirects
3	acdn.adnxs.com	cdn.arstechnica.net
3	contextual.media.net	cdn.arstechnica.net
3	wren.condenastdigital.com	cdn.arstechnica.net
3	prebid.media.net	cdn.arstechnica.net
3	ib.adnxs.com	cdn.arstechnica.net
3	htlb.casalemedia.com	cdn.arstechnica.net
3	z.moatads.com	arstechnica.com d2c8v52ll5s99u.cloudfront.net
3	c.amazon-adsystem.com	arstechnica.com c.amazon-adsystem.com
3	arstechnica.com	1 redirects cdn.arstechnica.net
2	sync-tm.everesttech.net	2 redirects
2	eus.rubiconproject.com	cdn.arstechnica.net eus.rubiconproject.com
2	www.facebook.com	arstechnica.com
2	pubads.g.doubleclick.net	d2c8v52ll5s99u.cloudfront.net
2	s0.2mdn.net	imasdk.googleapis.com
2	log.outbrainimg.com	widgets.outbrain.com
2	www.google.de	arstechnica.com
2	www.google.com	arstechnica.com
2	api.rlcdn.com	js-sec.indexww.com cdn.arstechnica.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	assoc-na.associates-amazon.com	z-na.associates-amazon.com
2	condenastus-d.openx.net	cdn.arstechnica.net
2	4d.condenastdigital.com	pixel.condenastdigital.com
2	p.skimresources.com	arstechnica.com
2	t.skimresources.com	arstechnica.com s.skimresources.com
2	r.skimresources.com	1 redirects arstechnica.com
2	pixel.condenastdigital.com	arstechnica.com
2	api.cnevids.com	cdn.arstechnica.net
2	geolocation.onetrust.com	cdn.cookielaw.org
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.yahoo.com	arstechnica.com
1	id.rlcdn.com	arstechnica.com
1	u.openx.net	cdn.arstechnica.net
1	mcdp-chidc2.outbrain.com	widgets.outbrain.com
1	odb.outbrain.com	widgets.outbrain.com
1	sync.getpublica.com	player.cnevids.com
1	widget-pixels.outbrain.com	arstechnica.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	infinityid.condenastdigital.com	pixel.condenastdigital.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	api.condenast.io	player.cnevids.com
1	mb.moatads.com	z.moatads.com
1	polarcdn-terrax.com	cdn.mediavoice.com
1	plugin.mediavoice.com	cdn.mediavoice.com
1	z-na.associates-amazon.com	www.googletagmanager.com
1	fpa-events.arstechnica.com	arstechnica.com
1	srv-1970-01-01-00.pixel.parsely.com	arstechnica.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	segment-data.zqtk.net	cdn.arstechnica.net
1	www.googletagmanager.com	arstechnica.com
1	s.skimresources.com	arstechnica.com
1	cdn.mediavoice.com	arstechnica.com
1	fpa-cdn.arstechnica.com	arstechnica.com
1	www.googletagservices.com	arstechnica.com
0	pbs.getpublica.com Failed	player.cnevids.com
312	84

This site contains links to these domains. Also see Links.

Domain
video.arstechnica.com
www.flickr.com
www.facebook.com
twitter.com
www.reddit.com
www.fireeye.com
en.wikipedia.org
securingtomorrow.mcafee.com
cdn.arstechnica.net
www.blackhat.com
support.microsoft.com
www.arstechnica.com
www.twitter.com
www.outbrain.com
partners.etoro.com
panneaux-transition-ecologique.fr
nos-meilleurs-placements.com
www.info-epargne.info
trk.trkmm.com
news.devispascher.io
condenast.com
www.condenast.com

Subject Issuer	Validity	Valid
*.arstechnica.com Amazon	`2020-12-29` - `2022-01-27`	a year	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2020-10-09` - `2021-10-29`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
fpa-events.arstechnica.com Amazon	`2020-06-24` - `2021-07-24`	a year	crt.sh
*.cnevids.com Amazon	`2020-10-02` - `2021-11-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2020-09-10` - `2021-10-12`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.zqtk.net Sectigo RSA Domain Validation Secure Server CA	`2020-08-13` - `2021-08-25`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
cnevideos.com Amazon	`2020-12-30` - `2022-01-28`	a year	crt.sh
*.pixel.parsely.com R3	`2021-03-28` - `2021-06-26`	3 months	crt.sh
condenast.com GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-23` - `2022-04-14`	a year	crt.sh
z-na.associates-amazon.com Amazon	`2020-06-19` - `2021-07-19`	a year	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
conde.io Amazon	`2020-06-30` - `2021-07-30`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-18` - `2021-09-08`	6 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
assoc-na.associates-amazon.com Amazon	`2020-12-14` - `2021-12-13`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.outbrainimg.com DigiCert Secure Site ECC CA-1	`2020-03-26` - `2021-06-25`	a year	crt.sh
*.getpublica.com Amazon	`2020-07-29` - `2021-08-29`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-16` - `2022-03-17`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-05-05`	a month	crt.sh

This page contains 30 frames:

Primary Page: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Frame ID: 77E4BDC5027EF65E756A01CAD377865C
Requests: 193 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.9121723447669923
Frame ID: F65BF539976957FCEDFA94653A09C8A4
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: B10CD0A766F803D934FCBB81856499D3
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: E294F09A239FB287B3D01352F8310D07
Requests: 47 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 4E6F88B98CF6EEE622E6687D960E4C12
Requests: 26 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 4904D4BB7904F2CA047E7ED0C3CE5FD9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: AFC04C858D0145BEBA48D73D0C24C4C3
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: BEBADF81AE3A9C8B8CBF99845660769C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A507F739DA3A20BB90481B8D986DF93B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D0105916834C2D21520E1405AF7242AC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=1---
Frame ID: 0EF297C31FA347B2715E301E685AB8C8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=1---
Frame ID: A6C987EFBDB2BEB9F3DCB1E7CEE0D3F5
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?us_privacy=1---
Frame ID: F15324F1C4F5245E59EB5B270C18178B
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C171%2C251%2C273%2C175%2C132%2C178%2C3018%2C3017%2C159%2C214%2C3015%2C97%2C77%2C99%2C56%2C3012%2C182%2C3010%2C184%2C261%2C141%2C188%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C225%2C226%2C10000%2C80%2C108%2C229%2C9&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Frame ID: 533169461EFBF87DD6A5B9AFA50F31E8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7811F11D636110606AFD418B93D43483
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 978EDE431F4302FC73FA0340D943087F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 17D812C6163715A09473D3F90B66DA77
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 57AA61EF5D8946A8D19E0A931BD08252
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Frame ID: A716B0AA78949B6C99F48282C38BEB72
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2B5261E3E58EB905D3720954AC9F9365
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 1CCD66972B3BB4A89087DEB804730A23
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9A881BE7950BE27D066B80E436241AA1
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Frame ID: 7DC5C659A989BEC8C69D4EA19AE7B883
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C171%2C251%2C273%2C175%2C132%2C178%2C3018%2C3017%2C159%2C214%2C3015%2C97%2C77%2C99%2C56%2C3012%2C182%2C3010%2C184%2C261%2C141%2C188%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C225%2C226%2C10000%2C80%2C108%2C229%2C9&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Frame ID: 59CFF59AB6C7626C28366A09E3D2D0E5
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C171%2C251%2C273%2C175%2C132%2C178%2C3018%2C3017%2C159%2C214%2C3015%2C97%2C77%2C99%2C56%2C3012%2C182%2C3010%2C184%2C261%2C141%2C188%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C225%2C226%2C10000%2C80%2C108%2C229%2C9&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Frame ID: C539F579E706F83B4C3700E3D5C7813B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPFPBf3PFPBf3AcABBENBXCgAAAAAAAAAChQAAAAAAJBAGIAAoAHAAeABcAD4ALQAfABGACSAGIAP4AkQBXADNAG0AOIAcgA5wB1AD_AIGAQcAkQBPwChgGEAOqAh8BHoCQgErAJtAWEAugBdQC7QF5AMQAYsAyEBkYDKAGhANGAaUA1MBtADbgG6AOCCQVQAEAALgAoACoAGQAOAAeABAACIAGEANAA1AB5AEMARAAmABPgCqAKwAWAAuABvADmAHoAQgAhoBEAESAI6ASwBLgCaAFKALcAYYAyABlwDUANUAbIA7wB7AD4gH2AfoBAICLgIwARoAjgBKQCggFLAKeAVcAuYBfgDFAGsANoAbgA3gB6AD5AIbAQ6Ai8BIgCYgEygJsATsAocBSICxQFoALYAXIAu8BeYDAgGDAMJAYaAw8BkQDJAGTgMuAZyAz4BpADToGsAayGAKAALAAuAEYAJIAVQAxABvAGkANUAcQBLQDqAJCAUOAugBfQDFgGRgNCAboGgSgBWAC4AIYAZAAywBqADZAHYAPwAgABBQCMAFLAKeAVeAtAC0gGsAN4AdUA-QCGwEOgIqAReAkQBNgCdgFIgLkAYEAwkBh4DGAGTgM5AZ4Az4QAVAAWABcAGoARgAkgBVADEAG8AVwA1QBxAEiAJaAbgA3gCQgFDgLoAYsA0IBugiA-AFYALgAhgBkADLAGoANkAdgA_ACAAEYAKWAU8Aq4BrADqgHyAQ2Ah0BF4CRAE2AJ2AUiAuQBgQDCQGHgMnAZyAz4VAdAAoAEMAJgAXABHADLAGoAOwAfgBGACOAFLAKvAWgBaQDeAJBATEAmwBTYC2AFyALzAYEAw8BkQDOQGeAM-AbkKAHABiAGqANoAcQA5AB4AEFAJaAdUBHoC-gGaANCAa8MgNAAUACGAEwALgAjgBlgDUAHZAPsA_ACMAEcAKWAVcArYBvAExAJsAWiAtgBeYDAgGHgMiAZyAzwBnwwAaADUAMQA1QBtADiAHIAPAAloBYgDqgI9AXkA0IcBcAAEAAiABwAHgAXAA-AC0AHIAPwAggBGAC6AGQANAAfwBIgCdAFmAL4AZYAzQBpADVAG0AOIAcgA5wB1ADsAHcAQAAgYBBYCDgIQAREAkQBLQCbQE-AT8ApYBUAC2gF6gMAAwIBhADMgGsANeAbwA44B0gDqgHkAPkAhCBD4EQAI9ASFAlYCVwExAJlATaAoUBSACkwFMAKmAVUArYBXICuwFlALSAWoAuKBdAF1AL2AX0AwIBiADFgGQgMoAZeA0KBooGjANKAaaA1MBrwDaAG2ANuHQZgAFwAUABUADIAHAAQAAiABdADAAMYAaABqADwAH0AQwBEACYAE-AKoArABYAC4AF8AMQAZgA3gBzAD0AIQAQ0AiACJAEdAJYAmABNACjAFKALEAW8AwgDDAGQAMoAaIA1ABsgDfAHeAPaAfYB-gD_gIsAjABHICUgJUAUEAp4BVwCxQFoAWkAuYBdQC8gF-AMUAbQA3EB0wHUAPQAhsBDoCIgEVAIvASCAkQBKgCbAE7AKHAU0AqwBYoC0AFsALgAXIAu0Bd4C8wGDAMJAYaAw8BiQDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNOAawA2MgAwAAQAD8AIIAaAA_gCRAFuAL4AZYA1QBtADiAHIAOcAdgA8ACCgE-AKWAWIAwABhADMgG8AOqAdsBD4CPQEhAJXATEAm0BQoCkAFJgK2AXQAvIBewC-gGBAM0AaEA0UBpQDUwG2ANuIQPAAFgAUAAyACIAFwAMQAhgBMACqAFwAL4AYgAzABvAD0AI4AWIAwgBlADUAG-AO-AfYB-AD_AIwARwAlIBQQChgFPAKvAWgBaQC5gF-AMUAbQA6gB6AEggJEASoAmwBTQCxQFogLYAXAAuQBdoDDwGJAMiAZOAzkBngDPgGiANJAaWA4AkAjAAEAA4AC4AIQAcgBkADeAJEAXIAvgBlgDUAG0AO4AgABCQCWgE-AKgAa8A3gB1QD7AJWATaApMBZQC0gF7AL6AYiAxYBoQDSgG5EoHQACAAFgAUAAyABwAEUAMAAxAB4AEQAJgAVQAuABfADEAGYANoAhABDQCIAIkARwAowBSgC3AGEAMoAaoA2QB3gD8AIwARwAp4BV4C0ALSAXUAxQBuADqAHyAQ6AioBF4CRAE2ALFAWwAu0BeYDDwGRAMnAZYAzkBngDPgGkANYAcAUAigACAAuAB8AEIALQAcgA_ACMAFYAMgAbQA3gByAEcAJEAToAuQBfADLAGoANcAbQA4gBzgDqAHcAPAAgABBwCEgEVAJEAS0Am0BPgE_AKWAWIAuoBgADCAGKANeAbwA6oB2wDyAHyAP-Aj0BMQCZQE2gKQAUwAqYBXYC0AF0ALyAX0AwIBiwDQgGiANKAabA1IDUwGvAOCKQSgAFwAUABUADIAHAAQAAigBgAGMANAA1AB5AEMARAAmABPACkAFUALAAXAAvgBiADMAHMAQgAhoBEAESAKMAUoAsQBbgDCAGUANEAaoA2QB3wD7AP0AiwBGACOAEpAKCAUMAq4BWwC5gF5ANoAbgA9ACHQEXgJEATYAnYBQ4CmgFbALFAWwAuABcgC7QF5gMNAYeAxgBkQDJAGTgMuAZyAzwBn0DSANJgawBrIDYwAAA.YAAAAAAAAAAA&d=https://arstechnica.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 85CC3C879310715466591FA4CBD2D84D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPFPBf3PFPBf3AcABBENBXCgAAAAAAAAAChQAAAAAAJBAGIAAoAHAAeABcAD4ALQAfABGACSAGIAP4AkQBXADNAG0AOIAcgA5wB1AD_AIGAQcAkQBPwChgGEAOqAh8BHoCQgErAJtAWEAugBdQC7QF5AMQAYsAyEBkYDKAGhANGAaUA1MBtADbgG6AOCCQVQAEAALgAoACoAGQAOAAeABAACIAGEANAA1AB5AEMARAAmABPgCqAKwAWAAuABvADmAHoAQgAhoBEAESAI6ASwBLgCaAFKALcAYYAyABlwDUANUAbIA7wB7AD4gH2AfoBAICLgIwARoAjgBKQCggFLAKeAVcAuYBfgDFAGsANoAbgA3gB6AD5AIbAQ6Ai8BIgCYgEygJsATsAocBSICxQFoALYAXIAu8BeYDAgGDAMJAYaAw8BkQDJAGTgMuAZyAz4BpADToGsAayGAKAALAAuAEYAJIAVQAxABvAGkANUAcQBLQDqAJCAUOAugBfQDFgGRgNCAboGgSgBWAC4AIYAZAAywBqADZAHYAPwAgABBQCMAFLAKeAVeAtAC0gGsAN4AdUA-QCGwEOgIqAReAkQBNgCdgFIgLkAYEAwkBh4DGAGTgM5AZ4Az4QAVAAWABcAGoARgAkgBVADEAG8AVwA1QBxAEiAJaAbgA3gCQgFDgLoAYsA0IBugiA-AFYALgAhgBkADLAGoANkAdgA_ACAAEYAKWAU8Aq4BrADqgHyAQ2Ah0BF4CRAE2AJ2AUiAuQBgQDCQGHgMnAZyAz4VAdAAoAEMAJgAXABHADLAGoAOwAfgBGACOAFLAKvAWgBaQDeAJBATEAmwBTYC2AFyALzAYEAw8BkQDOQGeAM-AbkKAHABiAGqANoAcQA5AB4AEFAJaAdUBHoC-gGaANCAa8MgNAAUACGAEwALgAjgBlgDUAHZAPsA_ACMAEcAKWAVcArYBvAExAJsAWiAtgBeYDAgGHgMiAZyAzwBnwwAaADUAMQA1QBtADiAHIAPAAloBYgDqgI9AXkA0IcBcAAEAAiABwAHgAXAA-AC0AHIAPwAggBGAC6AGQANAAfwBIgCdAFmAL4AZYAzQBpADVAG0AOIAcgA5wB1ADsAHcAQAAgYBBYCDgIQAREAkQBLQCbQE-AT8ApYBUAC2gF6gMAAwIBhADMgGsANeAbwA44B0gDqgHkAPkAhCBD4EQAI9ASFAlYCVwExAJlATaAoUBSACkwFMAKmAVUArYBXICuwFlALSAWoAuKBdAF1AL2AX0AwIBiADFgGQgMoAZeA0KBooGjANKAaaA1MBrwDaAG2ANuHQZgAFwAUABUADIAHAAQAAiABdADAAMYAaABqADwAH0AQwBEACYAE-AKoArABYAC4AF8AMQAZgA3gBzAD0AIQAQ0AiACJAEdAJYAmABNACjAFKALEAW8AwgDDAGQAMoAaIA1ABsgDfAHeAPaAfYB-gD_gIsAjABHICUgJUAUEAp4BVwCxQFoAWkAuYBdQC8gF-AMUAbQA3EB0wHUAPQAhsBDoCIgEVAIvASCAkQBKgCbAE7AKHAU0AqwBYoC0AFsALgAXIAu0Bd4C8wGDAMJAYaAw8BiQDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNOAawA2MgAwAAQAD8AIIAaAA_gCRAFuAL4AZYA1QBtADiAHIAOcAdgA8ACCgE-AKWAWIAwABhADMgG8AOqAdsBD4CPQEhAJXATEAm0BQoCkAFJgK2AXQAvIBewC-gGBAM0AaEA0UBpQDUwG2ANuIQPAAFgAUAAyACIAFwAMQAhgBMACqAFwAL4AYgAzABvAD0AI4AWIAwgBlADUAG-AO-AfYB-AD_AIwARwAlIBQQChgFPAKvAWgBaQC5gF-AMUAbQA6gB6AEggJEASoAmwBTQCxQFogLYAXAAuQBdoDDwGJAMiAZOAzkBngDPgGiANJAaWA4AkAjAAEAA4AC4AIQAcgBkADeAJEAXIAvgBlgDUAG0AO4AgABCQCWgE-AKgAa8A3gB1QD7AJWATaApMBZQC0gF7AL6AYiAxYBoQDSgG5EoHQACAAFgAUAAyABwAEUAMAAxAB4AEQAJgAVQAuABfADEAGYANoAhABDQCIAIkARwAowBSgC3AGEAMoAaoA2QB3gD8AIwARwAp4BV4C0ALSAXUAxQBuADqAHyAQ6AioBF4CRAE2ALFAWwAu0BeYDDwGRAMnAZYAzkBngDPgGkANYAcAUAigACAAuAB8AEIALQAcgA_ACMAFYAMgAbQA3gByAEcAJEAToAuQBfADLAGoANcAbQA4gBzgDqAHcAPAAgABBwCEgEVAJEAS0Am0BPgE_AKWAWIAuoBgADCAGKANeAbwA6oB2wDyAHyAP-Aj0BMQCZQE2gKQAUwAqYBXYC0AF0ALyAX0AwIBiwDQgGiANKAabA1IDUwGvAOCKQSgAFwAUABUADIAHAAQAAigBgAGMANAA1AB5AEMARAAmABPACkAFUALAAXAAvgBiADMAHMAQgAhoBEAESAKMAUoAsQBbgDCAGUANEAaoA2QB3wD7AP0AiwBGACOAEpAKCAUMAq4BWwC5gF5ANoAbgA9ACHQEXgJEATYAnYBQ4CmgFbALFAWwAuABcgC7QF5gMNAYeAxgBkQDJAGTgMuAZyAzwBn0DSANJgawBrIDYwAAA.YAAAAAAAAAAA&d=https://arstechnica.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 9EBC9E123ADC3B2EA47BB7495F4E6460
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPFPBf3PFPBf3AcABBENBXCgAAAAAAAAAChQAAAAAAJBAGIAAoAHAAeABcAD4ALQAfABGACSAGIAP4AkQBXADNAG0AOIAcgA5wB1AD_AIGAQcAkQBPwChgGEAOqAh8BHoCQgErAJtAWEAugBdQC7QF5AMQAYsAyEBkYDKAGhANGAaUA1MBtADbgG6AOCCQVQAEAALgAoACoAGQAOAAeABAACIAGEANAA1AB5AEMARAAmABPgCqAKwAWAAuABvADmAHoAQgAhoBEAESAI6ASwBLgCaAFKALcAYYAyABlwDUANUAbIA7wB7AD4gH2AfoBAICLgIwARoAjgBKQCggFLAKeAVcAuYBfgDFAGsANoAbgA3gB6AD5AIbAQ6Ai8BIgCYgEygJsATsAocBSICxQFoALYAXIAu8BeYDAgGDAMJAYaAw8BkQDJAGTgMuAZyAz4BpADToGsAayGAKAALAAuAEYAJIAVQAxABvAGkANUAcQBLQDqAJCAUOAugBfQDFgGRgNCAboGgSgBWAC4AIYAZAAywBqADZAHYAPwAgABBQCMAFLAKeAVeAtAC0gGsAN4AdUA-QCGwEOgIqAReAkQBNgCdgFIgLkAYEAwkBh4DGAGTgM5AZ4Az4QAVAAWABcAGoARgAkgBVADEAG8AVwA1QBxAEiAJaAbgA3gCQgFDgLoAYsA0IBugiA-AFYALgAhgBkADLAGoANkAdgA_ACAAEYAKWAU8Aq4BrADqgHyAQ2Ah0BF4CRAE2AJ2AUiAuQBgQDCQGHgMnAZyAz4VAdAAoAEMAJgAXABHADLAGoAOwAfgBGACOAFLAKvAWgBaQDeAJBATEAmwBTYC2AFyALzAYEAw8BkQDOQGeAM-AbkKAHABiAGqANoAcQA5AB4AEFAJaAdUBHoC-gGaANCAa8MgNAAUACGAEwALgAjgBlgDUAHZAPsA_ACMAEcAKWAVcArYBvAExAJsAWiAtgBeYDAgGHgMiAZyAzwBnwwAaADUAMQA1QBtADiAHIAPAAloBYgDqgI9AXkA0IcBcAAEAAiABwAHgAXAA-AC0AHIAPwAggBGAC6AGQANAAfwBIgCdAFmAL4AZYAzQBpADVAG0AOIAcgA5wB1ADsAHcAQAAgYBBYCDgIQAREAkQBLQCbQE-AT8ApYBUAC2gF6gMAAwIBhADMgGsANeAbwA44B0gDqgHkAPkAhCBD4EQAI9ASFAlYCVwExAJlATaAoUBSACkwFMAKmAVUArYBXICuwFlALSAWoAuKBdAF1AL2AX0AwIBiADFgGQgMoAZeA0KBooGjANKAaaA1MBrwDaAG2ANuHQZgAFwAUABUADIAHAAQAAiABdADAAMYAaABqADwAH0AQwBEACYAE-AKoArABYAC4AF8AMQAZgA3gBzAD0AIQAQ0AiACJAEdAJYAmABNACjAFKALEAW8AwgDDAGQAMoAaIA1ABsgDfAHeAPaAfYB-gD_gIsAjABHICUgJUAUEAp4BVwCxQFoAWkAuYBdQC8gF-AMUAbQA3EB0wHUAPQAhsBDoCIgEVAIvASCAkQBKgCbAE7AKHAU0AqwBYoC0AFsALgAXIAu0Bd4C8wGDAMJAYaAw8BiQDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNOAawA2MgAwAAQAD8AIIAaAA_gCRAFuAL4AZYA1QBtADiAHIAOcAdgA8ACCgE-AKWAWIAwABhADMgG8AOqAdsBD4CPQEhAJXATEAm0BQoCkAFJgK2AXQAvIBewC-gGBAM0AaEA0UBpQDUwG2ANuIQPAAFgAUAAyACIAFwAMQAhgBMACqAFwAL4AYgAzABvAD0AI4AWIAwgBlADUAG-AO-AfYB-AD_AIwARwAlIBQQChgFPAKvAWgBaQC5gF-AMUAbQA6gB6AEggJEASoAmwBTQCxQFogLYAXAAuQBdoDDwGJAMiAZOAzkBngDPgGiANJAaWA4AkAjAAEAA4AC4AIQAcgBkADeAJEAXIAvgBlgDUAG0AO4AgABCQCWgE-AKgAa8A3gB1QD7AJWATaApMBZQC0gF7AL6AYiAxYBoQDSgG5EoHQACAAFgAUAAyABwAEUAMAAxAB4AEQAJgAVQAuABfADEAGYANoAhABDQCIAIkARwAowBSgC3AGEAMoAaoA2QB3gD8AIwARwAp4BV4C0ALSAXUAxQBuADqAHyAQ6AioBF4CRAE2ALFAWwAu0BeYDDwGRAMnAZYAzkBngDPgGkANYAcAUAigACAAuAB8AEIALQAcgA_ACMAFYAMgAbQA3gByAEcAJEAToAuQBfADLAGoANcAbQA4gBzgDqAHcAPAAgABBwCEgEVAJEAS0Am0BPgE_AKWAWIAuoBgADCAGKANeAbwA6oB2wDyAHyAP-Aj0BMQCZQE2gKQAUwAqYBXYC0AF0ALyAX0AwIBiwDQgGiANKAabA1IDUwGvAOCKQSgAFwAUABUADIAHAAQAAigBgAGMANAA1AB5AEMARAAmABPACkAFUALAAXAAvgBiADMAHMAQgAhoBEAESAKMAUoAsQBbgDCAGUANEAaoA2QB3wD7AP0AiwBGACOAEpAKCAUMAq4BWwC5gF5ANoAbgA9ACHQEXgJEATYAnYBQ4CmgFbALFAWwAuABcgC7QF5gMNAYeAxgBkQDJAGTgMuAZyAzwBn0DSANJgawBrIDYwAAA.YAAAAAAAAAAA&d=https://arstechnica.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 6779B7D8CE48894887BFBBA0EBBF25ED
Requests: 1 HTTP requests in this frame

Frame: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=1---
Frame ID: 9152DE23C81ABBA95816487C948BBF9F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=1---
Frame ID: 4C4D17DA2BA3F7715F16E68BE8A0A19D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://arstechnica.com/security/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-m... HTTP 301
https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-expl... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

312
Requests

97 %
HTTPS

28 %
IPv6

44
Domains

84
Subdomains

69
IPs

7
Countries

28537 kB
Transfer

36538 kB
Size

38
Cookies

66 Outgoing links

These are links going to different origins than the main page.

URL: http://video.arstechnica.com/
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.flickr.com/photos/doos/3953478168
Title: Rob Enslin

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Farstechnica.com%2F%3Fpost_type%3Dpost%26p%3D1074069
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Booby-trapped+Word+documents+in+the+wild+exploit+critical+Microsoft+0-day&url=https%3A%2F%2Farstechnica.com%2F%3Fpost_type%3Dpost%26p%3D1074069
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Farstechnica.com%2F%3Fpost_type%3Dpost%26p%3D1074069&title=Booby-trapped+Word+documents+in+the+wild+exploit+critical+Microsoft+0-day
Title: Share on Reddit

Search URL Search Domain Scan URL

URL: https://twitter.com/mikko/status/851454200747880448
Title: patch the vulnerability on Tuesday

Search URL Search Domain Scan URL

URL: https://twitter.com/ryHanson/status/851159178416496640
Title: adding the following to their Windows registry

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2017/04/acknowledgement_ofa.html
Title: blog post published Saturday

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/HTML_Application
Title: HTML application

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Rich_Text_Format
Title: Rich Text Format

Search URL Search Domain Scan URL

URL: https://securingtomorrow.mcafee.com/mcafee-labs/critical-office-zero-day-attacks-detected-wild/
Title: blog post

Search URL Search Domain Scan URL

URL: https://cdn.arstechnica.net/wp-content/uploads/2017/04/image1.png

Search URL Search Domain Scan URL

URL: https://cdn.arstechnica.net/wp-content/uploads/2017/04/image2.png

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/us-15/briefings.html#attacking-interoperability-an-ole-edition
Title: presentation

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/en-us/help/2458544/the-enhanced-mitigation-experience-toolkit
Title: Enhanced Mitigation Experience Toolkit

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/first-look-xbox-adaptive-controller
Title: First Look: Xbox Adaptive Controller

Search URL Search Domain Scan URL

URL: https://www.twitter.com/dangoodin001
Title: @dangoodin001

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/sitrep-boeing-707
Title: Sitrep: Boeing 707

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/personal-history-steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube
Title: Steve Burke of GamersNexus Reacts To Their Top 1000 Comments On YouTube

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/modern-vintage-gamer-reacts-to-his-top-1000-comments-on-youtube
Title: Modern Vintage Gamer Reacts To His Top 1000 Comments On YouTube

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-the-nes-conquered-a-skeptical-america-in-1985
Title: How The NES Conquered A Skeptical America In 1985

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/scott-manley-reacts-to-his-top-1000-youtube-comments
Title: Scott Manley Reacts To His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/how-immersive-stories-deepen-the-horror-of-games-like-soma-and-amnesiac-rebirth
Title: How Horror Works in Amnesia: Rebirth, Soma and Amnesia: The Dark Descent

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/lgrs-clint-basinger-reacts-to-his-top-1000-youtube-comments
Title: LGR's Clint Basinger Reacts To His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/the-f-35-s-next-tech-upgrade
Title: The F-35's next tech upgrade

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-one-gameplay-decision-changed-diablo-forever
Title: How One Gameplay Decision Changed Diablo Forever

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/unsolved-mysteries-unsolved-mysteries-mortal-kombat
Title: Unsolved Mortal Kombat Mysteries With Dominic Cianciolo From NetherRealm Studios

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/us-navy-gets-an-italian-accent
Title: US Navy Gets an Italian Accent

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-amazons-undone-brought-dreams-to-life-through-rotoscope-and-oil-paints
Title: How Amazon’s “Undone” Animates Dreams With Rotoscoping And Oil Paints

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit
Title: Fighter Pilot Breaks Down Every Button in an F-15 Cockpit

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-nba-jam-became-a-billion-dollar-slam-dunk
Title: How NBA JAM Became A Billion-Dollar Slam Dunk

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/linus-tech-tips-reacts-to-his-top-1000-youtube-comments
Title: Linus "Tech Tips" Sebastian Reacts to His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-alan-wake-was-rebuilt-3-years-into-development
Title: How Alan Wake Was Rebuilt 3 Years Into Development

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-prince-of-persia-defeated-apple-ii-s-memory-limitations
Title: How Prince of Persia Defeated Apple II's Memory Limitations

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-crash-bandicoot-hacked-the-playstation-to-run
Title: How Crash Bandicoot Hacked The Original Playstation

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-myst
Title: Myst: The challenges of CD-ROM | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/markiplier-reacts-to-his-top-1000-youtube-comments
Title: Markiplier Reacts To His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-the-evolution-of-oddworld-and-what-comes-next
Title: How Mind Control Saved Oddworld: Abe's Oddysee

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/unsolved-mysteries-bioware-answers-unsolved-mysteries-of-the-mass-effect-universe
Title: Bioware answers unsolved mysteries of the Mass Effect universe

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-civilization
Title: Civilization: It's good to take turns | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/sitrep-dod-resets-ballistic-missile-interceptor-program
Title: SITREP: DOD Resets Ballistic Missile Interceptor program

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/warframe-s-rebecca-ford-reviews-your-characters
Title: Warframe's Rebecca Ford reviews your characters

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-subnautica
Title: Subnautica: A world without guns | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-slay-the-spire-war-stories
Title: How Slay the Spire’s Original Interface Almost Killed the Game | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-amnesia-the-dark-descent-the-horror-facade
Title: Amnesia: The Dark Descent - The horror facade | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-c-and-c-tiberian-sun
Title: Command & Conquer: Tiberian Sun | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-blade-runner-skinjobs-voxels-and-future-noir
Title: Blade Runner: Skinjobs, voxels, and future noir | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-dead-space-the-drag-tentacle
Title: Dead Space: The Drag Tentacle | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/teach-the-controversy-flat-earthers
Title: Teach the Controversy: Flat Earthers

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-gets-a-crucial-green-light
Title: Delta V: The Burgeoning World of Small Rockets, Paul Allen's Huge Plane, and SpaceX Gets a Crucial Green-light

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/chris-hadfield-explains-his-space-oddity-video
Title: Chris Hadfield explains his 'Space Oddity' video

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/apollo-the-greatest-leap-episode-1-risk
Title: The Greatest Leap, Episode 1: Risk

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-ultima-online-the-virtual-ecology
Title: Ultima Online: The Virtual Ecology | War Stories

Search URL Search Domain Scan URL

URL: https://video.arstechnica.com/
Title: More videos

Search URL Search Domain Scan URL

URL: http://www.outbrain.com/what-is/default/en
Title: Powered by

Search URL Search Domain Scan URL

URL: https://partners.etoro.com/aw.aspx?A=52916&Task=Click&SubAffiliateID=FR_Netflix_Outbrain_AFFID_52916_&TargetURL=https://go.etoro.com/fr/dynamic?symbol=nflx
Title: Et si vous aviez investi 1000€ dans des actions Netflix il y a un an?eToro

Search URL Search Domain Scan URL

URL: https://panneaux-transition-ecologique.fr/
Title: Panneaux solaires de nouvelle génération beaucoup plus rentable !Panneaux Transition Ecologique

Search URL Search Domain Scan URL

URL: https://nos-meilleurs-placements.com/lp1/
Title: Nouveau livret avec un rendement 10 fois supérieur aux placements traditionnelsNos Meilleurs Placements

Search URL Search Domain Scan URL

URL: https://www.info-epargne.info/livret-actif/?utm_source=Outbrain&utm_term=$publisher_name$&utm_content=desktop
Title: Ce nouveau livret d'épargne à 3.89% disponible partout en France !Info Epargne

Search URL Search Domain Scan URL

URL: http://trk.trkmm.com/933f1517-cb47-41c6-bf4c-dc5e8b92515e?utm_source=ob&utm_campaign=sep20_dk&utm_term=$section_name$&utm_content=0002308fd11160aa44558e873f10c4e149-Intestins%3A+Un+truc+simple+pour+les+vider+enti%C3%A8rement&t=$ob_click_id$&a=ob
Title: Intestins: Un truc simple pour les vider entièrementNutrivia

Search URL Search Domain Scan URL

URL: https://news.devispascher.io/solaire-hybrides-lp-out
Title: Propriétaires : Nouveaux panneaux solaires hybrides financés jusqu'à 80%devispascher.io

Search URL Search Domain Scan URL

URL: http://condenast.com/

Search URL Search Domain Scan URL

URL: https://www.condenast.com/user-agreement/
Title: User Agreement

Search URL Search Domain Scan URL

URL: https://www.condenast.com/privacy-policy/
Title: Privacy Policy and Cookie Statement

Search URL Search Domain Scan URL

URL: https://www.condenast.com/privacy-policy/#california
Title: Your California Privacy Rights

Search URL Search Domain Scan URL

URL: https://www.condenast.com/online-behavioral-advertising-oba-and-how-to-opt-out-of-oba/#clickheretoreadmoreaboutonlinebehavioraladvertising(oba)
Title: Ad Choices

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://arstechnica.com/security/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/ HTTP 301
https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://r.skimresources.com/api/ HTTP 307
https://r.skimresources.com/api/?xguid=01F45QJPZ9NF3MAM5YGGQ13Z1A&persistence=1&checksum=c13eef625ccb719c70509a8d443ec9299f42c21cdf3aabf595c199a38afc695f

Request Chain 227

https://sb.scorecardresearch.com/p?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1619395175790_1&ns_st_ec=1&ns_st_sp=1&ns_st_sq=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=233528&ns_st_pb=1&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=0&ns_st_ci=5afc7010841c4b6e41000001&ns_ts=1619395175791&ns_st_bt=0&ns_st_bp=0&ns_st_br=0&ns_st_ub=0&ns_st_pr=*null&ns_st_ep=*null&ns_st_ct=vc&ns_st_ge=*null&ns_st_st=*null&ns_st_pu=*null&c3=ARSTECHNICA&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&c8=First%20Look%3A%20Xbox%20Adaptive%20Controller&c9=&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1619395175790_1&ns_st_ec=1&ns_st_sp=1&ns_st_sq=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=233528&ns_st_pb=1&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=0&ns_st_ci=5afc7010841c4b6e41000001&ns_ts=1619395175791&ns_st_bt=0&ns_st_bp=0&ns_st_br=0&ns_st_ub=0&ns_st_pr=*null&ns_st_ep=*null&ns_st_ct=vc&ns_st_ge=*null&ns_st_st=*null&ns_st_pu=*null&c3=ARSTECHNICA&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&c8=First%20Look%3A%20Xbox%20Adaptive%20Controller&c9=&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null

Request Chain 276

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c1116086-0269-4500-a2a4-361a6e7246bb

Request Chain 277

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=zxda08kVVNzURVPRz0JP18wSVIfUFVvTzhS_54g5

Request Chain 278

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4570243549238492708

Request Chain 280

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWI4YmUyZGMtMzM1Zi02NzRiLTY5MmYtMWVhYzdmOGEzMzFm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWI4YmUyZGMtMzM1Zi02NzRiLTY5MmYtMWVhYzdmOGEzMzFm&google_tc=

Request Chain 281

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKKSFdEZ6xmXBwrHOk24ajY&google_cver=1

Request Chain 282

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ecc96086-0269-4e00-88c5-f64139849007

Request Chain 283

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=hZxNgoOeQ42ezkSN0p1Yg4vIQIeeyk2Ei5U4_h1B

Request Chain 284

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5308246646932714119

Request Chain 286

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWI4YmUyZGMtMzM1Zi02NzRiLTY5MmYtMWVhYzdmOGEzMzFm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWI4YmUyZGMtMzM1Zi02NzRiLTY5MmYtMWVhYzdmOGEzMzFm&google_tc=

Request Chain 287

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFtmYW5ePuF3o6KRbxMhG3I&google_cver=1

Request Chain 288

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=77726086-0269-4600-b760-fbae01866115

Request Chain 289

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=BJE2dgKTOHkfwz8hVpQjcVSUOyEfkzhwA8Ke0Odn

Request Chain 290

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4994714157912175003

Request Chain 292

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWI4YmUyZGMtMzM1Zi02NzRiLTY5MmYtMWVhYzdmOGEzMzFm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWI4YmUyZGMtMzM1Zi02NzRiLTY5MmYtMWVhYzdmOGEzMzFm&google_tc=

Request Chain 293

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIGFTXPPITZrHMLOOh2oGWQ&google_cver=1

Request Chain 302

https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05YVTJQM00tMjQtSDdIRg==&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05YVTJQM00tMjQtSDdIRg==&us_privacy=1---&google_tc=

Request Chain 305

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1--- HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---&_test=YIYCagAAdEKjywAC HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YIYCagAAdEKjywAC&us_privacy=1---&_test=YIYCagAAdEKjywAC

Request Chain 306

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=77726086-0269-4600-b760-fbae01866115

Request Chain 307

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&us_privacy=1---&google_tc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHxp7DkR5870AATpBo_sPFY&google_cver=1

Request Chain 308

https://token.rubiconproject.com/token?pid=26594&us_privacy=1--- HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KNXU2P3M-24-H7HF&sigv=1&esig=2~eb2a23162d93029c09bbbf3f26f1a59330ae733f&us_privacy=1---

Request Chain 309

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/YeaUrBLRwX2YXQd5t3pbLcn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7110016302388067203

Request Chain 314

https://sb.scorecardresearch.com/p?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1619395175790_1&ns_st_ec=2&ns_st_sp=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10000&ns_st_cl=233528&ns_st_hc=1&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=0&ns_st_pt=10000&ns_st_pa=10000&ns_st_ci=5afc7010841c4b6e41000001&ns_ts=1619395185791&ns_st_bt=0&ns_st_bp=0&ns_st_pc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_pr=*null&ns_st_ep=*null&ns_st_ct=vc&ns_st_ge=*null&ns_st_st=*null&ns_st_pu=*null&c3=ARSTECHNICA&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&c8=First%20Look%3A%20Xbox%20Adaptive%20Controller&c9=&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1619395175790_1&ns_st_ec=2&ns_st_sp=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10000&ns_st_cl=233528&ns_st_hc=1&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=0&ns_st_pt=10000&ns_st_pa=10000&ns_st_ci=5afc7010841c4b6e41000001&ns_ts=1619395185791&ns_st_bt=0&ns_st_bp=0&ns_st_pc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_pr=*null&ns_st_ep=*null&ns_st_ct=vc&ns_st_ge=*null&ns_st_st=*null&ns_st_pu=*null&c3=ARSTECHNICA&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&c8=First%20Look%3A%20Xbox%20Adaptive%20Controller&c9=&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null

312 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Redirect Chain

https://arstechnica.com/security/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

48 KB
16 KB

296ms
296ms

Document
text/html

3.130.39.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.130.39.244 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-39-244.us-east-2.compute.amazonaws.com

Software

nginx/1.17.10 / PHP/7.3.27

Resource Hash

e25f696ea4752460f6a353215430fc8e158971c18d734f28841b73f10a2f12f6

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: arstechnica.com
:scheme: https
:path: /information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:32 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.17.10
x-powered-by: PHP/7.3.27
link: <https://arstechnica.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip

Redirect headers

date: Sun, 25 Apr 2021 23:59:32 GMT
content-type: text/html; charset=UTF-8
location: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
server: nginx/1.17.10
x-powered-by: PHP/7.3.27
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests

GET
H2 200 main-d2da6083f3.css
cdn.arstechnica.net/wp-content/themes/ars/assets/css/ 342 KB
71 KB 67ms
21ms Stylesheet
text/css 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: b5ac9be9ddb414f29f9729dbd5295284938848998df6fec71e95919c2831fd89

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:32 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:H
content-length: 72433
x-cf-tsc: 1614866387
x-cf2: M
last-modified: Thu, 04 Mar 2021 01:32:21 GMT
server: CFS 0215
x-cff: B
etag: W/"604038a5-559b0"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 21731
accept-ranges: bytes
expires: Sun, 20 Jun 2021 23:59:32 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 17 KB
6 KB 27ms
12ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40f12e335914950b4f2058dbcbbee727f3f7542399ec6b2e98256480ea91aa49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 25 Apr 2021 23:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jSkN56qNMXaDzbRwUxPUng==
age: 2332
vary: Accept-Encoding
content-length: 5801
cf-request-id: 09ad1271f300004e61b0b7d000000001
x-ms-lease-status: unlocked
last-modified: Tue, 20 Apr 2021 14:24:18 GMT
server: cloudflare
etag: 0x8D90407FC0C8BD1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cef827e1-301e-001a-2c58-37f789000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 645b86964a294e61-FRA

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 32ms
16ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f11f2d65d3a1594a57625e5a9457a1beb87c6a0399172cab062d50263ae388b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 25 Apr 2021 23:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: YyyuJSQqC/IlFtjhtrYhpg==
age: 2309
vary: Accept-Encoding
cf-request-id: 09ad1271f300004e61a99e5000000001
x-ms-lease-status: unlocked
last-modified: Wed, 03 Mar 2021 08:12:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 092852fe-901e-00bd-3547-25ce6a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 645b86964a2f4e61-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 35ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad309904b3882d0bc665ba54e6fc9a708e89a6155fdce036c73ab386c80086c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "853 / 440 of 1000 / last-modified: 1619215752"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21081
x-xss-protection: 0
expires: Sun, 25 Apr 2021 23:59:33 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 119 KB
31 KB 178ms
61ms Script
application/javascript 143.204.247.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-247-127.cph50.r.cloudfront.net
Software: Server /
Resource Hash: 9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:55:00 GMT
content-encoding: gzip
server: Server
age: 272
etag: 433bd8b9aebf928ab8f51e43abc531d2
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6e7498469e2ca10a35f5f52ababba925.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: FUA623DCjlDRvcvJxerHmi4TRUp1BV44
x-amz-cf-id: 91sh9omyQf1RKFEQNr-6fjImr02aIsLgGDBL5gjgmrkBo4ifGOW5Cw==

GET
H2 200 prebid.min.js Show response
cdn.arstechnica.net/cns/ 252 KB
78 KB 128ms
83ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 3652e6fb02f1582911a2b3d050df9cb8afde04444b29988e9fb16af00756d8bd

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:32 GMT
content-encoding: gzip
x-cf3: H
x-amz-request-id: JNR53EFG6EDCKVW7
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:M
x-cache-hits: 1
content-length: 79179
x-amz-id-2: jIXpuu+7x5WAIpQz86WX8RXkMJubN5QH3ffhRVyHFajajyfH80eXfBZYmAGP1NEJ52LgVqaW03c=
x-served-by: cache-dca17768-DCA
cf4ttl: 43200.000
x-cf2: H
last-modified: Tue, 30 Mar 2021 15:47:52 GMT
server: CFS 0215
x-timer: S1619395052.344656,VS0,VE26
x-cff: B
etag: "56259f4aba3a72d9a618a888a0b9e8de"
vary: Accept-Encoding
x-amz-version-id: ZYjgECg5VPATF6BzRg_X0F4BnidR2jba
access-control-allow-origin: *
cache-control: max-age=120
cf4age: 86
accept-ranges: bytes
content-type: application/javascript
x-cf-tsc: 1619395139
expires: Mon, 26 Apr 2021 00:01:32 GMT

GET
H/1.1 200
OK 183973-93942139695505.js Show response
js-sec.indexww.com/ht/p/ 46 KB
15 KB 573ms
499ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4788c1ffaabfbf3623c7f23a57d37d79b95b2a8f647759d4112ab20fe4c500ef

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:33 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Apr 2021 23:56:30 GMT
Server: Apache
ETag: "da115e-b864-5c0d4c72ab4d8"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 15420
Expires: Mon, 26 Apr 2021 00:59:33 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/condenastprebidheader987326845656/ 195 KB
69 KB 116ms
43ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 159870d28d6a141f4c7da2dcf3970caf103a391dea9149500a8407276a69b070

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 21:09:45 GMT
server: AmazonS3
x-amz-request-id: E3BDDD289E397918
etag: "6de83688cc282085483a4cc5b2af5420"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=37358
accept-ranges: bytes
content-length: 70131
x-amz-id-2: U9GYVekAAwSGOfM92sqJ4DbMt0y7r2179Zty7d43OPVhgx8fhx3W0uPQYwDhR0cD+We90KlpAbA=

GET
H2 200 ars-technica.min.js Show response
cdn.arstechnica.net/cns/ 152 KB
49 KB 110ms
66ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1619394923
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 42e09a00f781da1e4c4ccc4ea4f8520d7e090ad29dd246bb35cc71a6842b2030

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:32 GMT
content-encoding: gzip
x-cf3: M
x-amz-request-id: H5Q9QVZF1625YMDR
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:H
x-cache-hits: 1
content-length: 49702
x-amz-id-2: aD/qE3jjvkJQpWmSi9SQ00xMYddhjr3YaOQvLlVsEefMbtNAppPjB851xVSMklnOD0vbQPxDOis=
x-served-by: cache-dca17727-DCA
cf4ttl: 119.500
x-cf2: H
last-modified: Mon, 19 Apr 2021 22:10:45 GMT
server: CFS 0215
x-timer: S1619394927.666230,VS0,VE1
x-cff: B
etag: "0e6244555a249dd552c07f2366b91c16"
vary: Accept-Encoding
x-amz-version-id: 54LEZLTXGtXy7J3L7zpFBFpEgfzuMG9N
access-control-allow-origin: *
cache-control: max-age=120
cf4age: 2
accept-ranges: bytes
content-type: application/javascript
x-cf-tsc: 1619394927
expires: Mon, 26 Apr 2021 00:01:32 GMT

GET
H2 200 ars-84a4ab0802.ads.us.js Show response
cdn.arstechnica.net/wp-content/themes/ars/assets/js/ 3 KB
1 KB 127ms
82ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/ars-84a4ab0802.ads.us.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 16708dda2536b4b3782313db4a6ec8456cd84da7ae0f56d7d2455e68fc9bc4f0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:32 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:H
content-length: 1143
x-cf-tsc: 1614866391
x-cf2: M
last-modified: Thu, 04 Mar 2021 01:32:21 GMT
server: CFS 0215
x-cff: B
etag: W/"604038a5-bc0"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 34457
accept-ranges: bytes
expires: Sun, 20 Jun 2021 23:59:32 GMT

GET
H2 200 word-500x392.jpg
cdn.arstechnica.net/wp-content/uploads/2017/04/ 43 KB
44 KB 470ms
467ms Image
image/jpeg 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2017/04/word-500x392.jpg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 8da8c23d9bf300c6d309b03cb5678ebadb3b4754e3c081278dbb6f82cbcac094

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
x-cf3: M
cf4ttl: 43200.000
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:M
content-length: 44404
x-amz-request-id: Y3QXNJWEC8KAJZX8
x-amz-id-2: u6+FWqAcoeE4GrMxBvc04CjwJT+ikAbFDTPlqwuQGwglKdYgxsCJo8T1sZNx/55g63lvBjRuhLQ=
x-cf-tsc: 1619395173
x-cf2: M
last-modified: Sat, 21 Dec 2019 00:43:45 GMT
server: CFS 0215
x-cff: B
etag: "8df26b709ac8859e153a4ce7f300a47c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 0
x-amz-version-id: null
accept-ranges: bytes
expires: Sun, 20 Jun 2021 23:59:33 GMT

GET
H2 200 image1-300x98.png
cdn.arstechnica.net/wp-content/uploads/2017/04/ 20 KB
21 KB 576ms
573ms Image
image/png 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2017/04/image1-300x98.png
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 2c42115c0847de6030c95c350f66525b4311997d1911f4d887e8f1c991fcadcc

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
x-cf3: M
cf4ttl: 43200.000
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:M
content-length: 20764
x-amz-request-id: Y3QHBPQ495V7T5PK
x-amz-id-2: hfP05rYaPOi+HI2aQcN2dWbrhWzAYhSApdilsgIdFV5pYMN8rfxj6AAQzTFcj3ELELtgJdxBLxo=
x-cf-tsc: 1619395174
x-cf2: M
last-modified: Sat, 21 Dec 2019 00:43:04 GMT
server: CFS 0215
x-cff: B
etag: "75b5eb7d39b709a9ebc341f6e8288af1"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 0
x-amz-version-id: null
accept-ranges: bytes
expires: Sun, 20 Jun 2021 23:59:33 GMT

GET
H2 200 image2-300x99.png
cdn.arstechnica.net/wp-content/uploads/2017/04/ 48 KB
49 KB 566ms
564ms Image
image/png 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2017/04/image2-300x99.png
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 3b150a27981e05771154e8231d64b433239056246ef9ab87aa1573b115125980

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
x-cf3: M
cf4ttl: 43200.000
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:M
content-length: 49567
x-amz-request-id: Y3QY1RJTJASPBY8W
x-amz-id-2: /PyQ5nHAPBXGp8/rcMPgq8ttdZ7P3jJ0+Ze/X0DcGRED3Jeebbzkt0iPObkd0m5VR5Aoh7WhgCY=
x-cf-tsc: 1619395173
x-cf2: M
last-modified: Sat, 21 Dec 2019 00:43:04 GMT
server: CFS 0215
x-cff: B
etag: "67a076a08ba92c105622b59dd9b6d208"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 0
x-amz-version-id: null
accept-ranges: bytes
expires: Sun, 20 Jun 2021 23:59:33 GMT

GET
H2 200 main-e7aebfbfda.js Show response
cdn.arstechnica.net/wp-content/themes/ars/assets/js/ 658 KB
214 KB 22ms
21ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-e7aebfbfda.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 17f21ab470f0a1cacd46e91124483e9223826b56adb10a874538b4bd9a0f45ed

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:32 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:H
content-length: 218215
x-cf-tsc: 1614866387
x-cf2: M
last-modified: Thu, 04 Mar 2021 01:32:21 GMT
server: CFS 0215
x-cff: B
etag: W/"604038a5-a495d"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 31134
accept-ranges: bytes
expires: Sun, 20 Jun 2021 23:59:32 GMT

GET
H2 200 p.js Show response
fpa-cdn.arstechnica.com/keys/arstechnica.com/ 49 KB
17 KB 240ms
73ms Script
application/x-javascript 13.33.139.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fpa-cdn.arstechnica.com/keys/arstechnica.com/p.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-102.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08b8b78504677c4bb61018fbcfe343bf7603d3ea56b3b47d9532569104f9b5c0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 07:30:34 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 18:36:23 GMT
server: AmazonS3
age: 108335
etag: W/"9ad5803fbe8f447002010c8ec44dbf00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 059f85e5e664bc876c915622803d9e28.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: Vr_-9M9Aqn7XE64PGgHMLh2k3_8fSyiijO2W5u1x28YR1f35ZLx_rA==

GET
H/1.1 200
OK arstechnica.js Show response
player.cnevids.com/interlude/ 104 KB
27 KB 260ms
142ms Script
text/javascript 13.32.21.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/interlude/arstechnica.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-36.fra56.r.cloudfront.net

Software

nginx/1.14.1 /

Resource Hash

5f9d9c24e264795c4ef5bc45509e8a7ee42243a7c113ab4ac03676260291a248

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Miss from cloudfront
Status: 200 OK
Connection: keep-alive
Content-Length: 27080
X-XSS-Protection: 1; mode=block
X-Request-Id: 1857ea17-8454-4f1c-bbb4-676731b61f5b
X-Runtime: 0.011538
X-Backend-Node: 10.110.25.70
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.14.1
ETag: W/"ee3ad5533ba1d0dfef3cc4e0479ab653"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)
Cache-Control: max-age=0, private, must-revalidate
X-Amz-Cf-Id: FoYSKKh8spAWrSX6jFPqteJGqoZ5SKD7LUiUpXZ2iIu6HojUlfZ-Ew==

GET
H2 200 conde-asa-polar-master.js Show response
cdn.mediavoice.com/nativeads/script/condenastcorporate/ 5 KB
2 KB 48ms
23ms Script
text/javascript 2606:4700::6813:da83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:da83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 030e91b7512dbb40e9b9057f20bcf54c296a7f28c04bbcde0f2d2706dd2a3a06

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2663
via: 1.1 varnish
cf-ray: 645b8697bf1c1f1d-FRA
cf-ipcountry: DE
content-length: 2018
cf-request-id: 09ad1272d200001f1d0a0d9000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 2337721495 2337476855
x-country: DE
cache-control: max-age=21600
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 100098X1555750.skimlinks.js Show response
s.skimresources.com/js/ 35 KB
14 KB 68ms
22ms Script
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b97d9bc8940075002b3e2cafed153c488f88364d1e2400d872d7738a8f5f1b3

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
last-modified: Wed, 17 Mar 2021 12:07:49 GMT
server: AmazonS3
x-amz-request-id: B49CQMCVXAB4MFJK
etag: "7ddc15263eb7f45069cc96b617eec85b"
x-hw: 1619395173.cds009.pa1.hn,1619395173.cds024.pa1.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 13633
x-amz-id-2: qQn3vweAZ5budRarccPakZg7yMnY8HN16SqXfxhSjjDyDFLA1bOY8MBSRmE0lMd6Xo9JYSX1Si0=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 425 KB
109 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8d5d28c75e5bbd7c8bfc0aabc23f5c236700eba6dcc059791b624a60d851741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111601
x-xss-protection: 0
last-modified: Sun, 25 Apr 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Apr 2021 23:59:33 GMT

GET
H2 200 b10882a1-8446-4e7d-bfb2-ce2c770ad910.json Show response
cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/ 3 KB
2 KB 29ms
16ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/b10882a1-8446-4e7d-bfb2-ce2c770ad910.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

872cc759897ebba5c23edb9704dc1f5a6e85f928837edfb852828d068050e666

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 25 Apr 2021 23:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5NsoXCBfHdLEmas37j4+sw==
age: 2640
vary: Accept-Encoding
content-length: 1361
cf-request-id: 09ad127273000005e9e213d000000001
x-ms-lease-status: unlocked
last-modified: Wed, 21 Apr 2021 13:50:39 GMT
server: cloudflare
etag: 0x8D904CC7280F8EE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 03c7f35d-d01e-00fe-01cd-36e483000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 645b86971e8605e9-FRA

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 162 B
519 B 40ms
20ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 645b8697ae164de2-FRA
cf-request-id: 09ad1272ce00004de2523b9000000001

GET
H/1.1 200
OK condenast-amp Show response
segment-data.zqtk.net/ 51 B
396 B 120ms
38ms XHR
application/javascript 34.250.155.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://segment-data.zqtk.net/condenast-amp?url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1619394923
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.155.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-155-89.eu-west-1.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: cd216bc5cece19866e688ce56e5c5243f32241dfc9cd4045d393f4f111f9333e

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:33 GMT
Server: nginx/1.10.3 (Ubuntu)
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: max-age=30
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 51
Expires: Mon, 26 Apr 2021 00:00:03 GMT

GET
H2 200 ads.js Show response
arstechnica.com/hotzones/src/ 0
494 B 109ms
109ms XHR
application/javascript 3.130.39.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arstechnica.com/hotzones/src/ads.js

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1619394923

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.130.39.244 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-39-244.us-east-2.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /hotzones/src/ads.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: arstechnica.com
referer: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 17:14:00 GMT
server: nginx/1.17.10
etag: "607dba58-0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78c8c364b438f0be81f1c51627902fda95b7aebdd2c04aee28c2f72cd4390207

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 357 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f95836cdd8c1af1d8261e8e198a4c1dd306e2b50ddc389fe820b56212a9cb17d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 economica-bold-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 25 KB
25 KB 65ms
21ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-bold-otf-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 5315cf641e62ac7de4a82e6003cc1bd1ff09218400d8ff5286c951e25aee966b

Request headers

Origin: https://arstechnica.com
Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:H
content-length: 25592
x-cf-tsc: 1614866395
x-cf2: M
last-modified: Thu, 04 Mar 2021 01:32:21 GMT
server: CFS 0215
x-cff: B
etag: "604038a5-63f8"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 13152
accept-ranges: bytes
expires: Sun, 20 Jun 2021 23:59:33 GMT

GET
H2 200 economica-regular-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 24 KB
24 KB 109ms
66ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-regular-otf-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: c14a030b0b5ef06f710d9bbff164662d4b43c037e62f254aa6280504013caa34

Request headers

Origin: https://arstechnica.com
Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:H
content-length: 24264
x-cf-tsc: 1614866395
x-cf2: M
last-modified: Thu, 04 Mar 2021 01:32:21 GMT
server: CFS 0215
x-cff: B
etag: "604038a5-5ec8"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 13152
accept-ranges: bytes
expires: Sun, 20 Jun 2021 23:59:33 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
227 B 15ms
14ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 645b8697be254de2-FRA
cf-request-id: 09ad1272d400004de2e497d000000001

GET
DATA 200
OK truncated
/ 279 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ecbfb541946a9a9437190a21d98e1c7ab7d863837d7d038a9a1e053c649c8ba

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 400 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f261533d4b74ae931965cf3609bf47bb55001e39eb7029502d96cec73c4749a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 700 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ab499494548829e507e9b6cd57247a6cd565e7f1bc6eb55e3da445af76f1f0c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49282a74c6ced31e99f808232188ade8d82652004df4d664dcdb98c32563dd39

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 blockquote-afedeab761.svg
cdn.arstechnica.net/wp-content/themes/ars/assets/img/ 419 B
742 B 20ms
20ms Image
image/svg+xml 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/img/blockquote-afedeab761.svg
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 8edcf5bd609aef18638950de010699cd2765ef88aba3d019feb51a4271807662

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:H
content-length: 419
x-cf-tsc: 1616819604
x-cf2: H
last-modified: Thu, 11 Mar 2021 18:03:18 GMT
server: CFS 0215
x-cff: B
etag: "604a5b66-1a3"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 14494
accept-ranges: bytes
expires: Sun, 20 Jun 2021 23:59:33 GMT

GET
DATA 200
OK truncated
/ 841 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 039f13cdf684666dd973e2385f773385adb074039e8a832ec48e1ae35fb20c15

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Dang.jpg
cdn.arstechnica.net/wp-content/uploads/2018/10/ 90 KB
91 KB 21ms
21ms Image
image/jpeg 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2018/10/Dang.jpg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
x-cf3: H
x-amz-request-id: 9S3WRDC5J8889WFX
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:H
content-length: 92486
x-amz-id-2: b+W+M33IuAaKI77uMa5sN3gpAnEv6f20q4U+pnQPaZ3sJXNx5LiiUfmEuVflxaxDSXKOt09pQ9E=
x-cf-tsc: 1618356410
cf4ttl: 43200.000
x-cf2: H
last-modified: Sat, 21 Dec 2019 01:48:48 GMT
server: CFS 0215
x-cff: B
etag: "03e5fec9e7ca5f8064d945bd791bd4c3"
x-amz-version-id: null
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 39825
accept-ranges: bytes
content-type: image/jpeg
x-cf-rand: 53.071
expires: Sun, 20 Jun 2021 23:59:33 GMT

GET
H2 200 channel-ars-be7bb52ba9.png
cdn.arstechnica.net/wp-content/themes/ars/assets/img/ 5 KB
5 KB 25ms
24ms Image
image/png 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/img/channel-ars-be7bb52ba9.png
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 08ed3bf6e73a999bafb422b878fb05b87269b00a65230c9457ce75aee10b873e

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:H
content-length: 4809
x-cf-tsc: 1614866394
x-cf2: M
last-modified: Thu, 04 Mar 2021 01:32:21 GMT
server: CFS 0215
x-cff: B
etag: "604038a5-12c9"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 13954
accept-ranges: bytes
expires: Sun, 20 Jun 2021 23:59:33 GMT

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7f2558d7005dc61e343b6abb61a63da8ace760a0fdd45cb0cc124b0de5b4c2f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62c7d2da9a5942053f17c9756e53b7cda414541619bd35c2b1441cd88c77f235

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ec4b6769730ca98db1f40b152c52bd5bec01f61f559fb92709c307750388ac8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 opensans-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 18 KB
19 KB 48ms
43ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-regular-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: caa3854f28740fa98125ded826446ee4456379e8ad7c4ff46643347d1901506a

Request headers

Origin: https://arstechnica.com
Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:H
content-length: 18824
x-cf-tsc: 1614866395
x-cf2: M
last-modified: Thu, 04 Mar 2021 01:32:21 GMT
server: CFS 0215
x-cff: B
etag: "604038a5-4988"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 13152
accept-ranges: bytes
expires: Sun, 20 Jun 2021 23:59:33 GMT

GET
H2 200 bitter-italic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 24 KB
24 KB 71ms
66ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-italic-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1193e934b76ed372f47e23f78f8a13e99d9588e564aff866e8f700e7a0650a83

Request headers

Origin: https://arstechnica.com
Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:H
content-length: 24212
x-cf-tsc: 1614866395
x-cf2: M
last-modified: Thu, 04 Mar 2021 01:32:21 GMT
server: CFS 0215
x-cff: B
etag: "604038a5-5e94"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 13152
accept-ranges: bytes
expires: Sun, 20 Jun 2021 23:59:33 GMT

GET
H2 200 bitter-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 22 KB
23 KB 71ms
66ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-regular-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 0186840386391fa2c0750ff7450a78e066498ba3274546a6fcf0fa9c55cd457c

Request headers

Origin: https://arstechnica.com
Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:H
content-length: 22872
x-cf-tsc: 1614866395
x-cf2: M
last-modified: Thu, 04 Mar 2021 01:32:21 GMT
server: CFS 0215
x-cff: B
etag: "604038a5-5958"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 13152
accept-ranges: bytes
expires: Sun, 20 Jun 2021 23:59:33 GMT

GET
H2 200 opensans-semibold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 19 KB
19 KB 92ms
88ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibold-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1f9cd4a445ba85172da6090dd7b95edf55fd9e81ddb193e0b78093c1afa84378

Request headers

Origin: https://arstechnica.com
Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:H
content-length: 18972
x-cf-tsc: 1614866377
x-cf2: M
last-modified: Thu, 04 Mar 2021 01:32:21 GMT
server: CFS 0215
x-cff: B
etag: "604038a5-4a1c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 31663
accept-ranges: bytes
expires: Sun, 20 Jun 2021 23:59:33 GMT

GET
H2 200 opensans-semibolditalic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 20 KB
21 KB 90ms
85ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibolditalic-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 59201950b83489808587827b4050ffe0597992825daa88c227476cdbbf8ca282

Request headers

Origin: https://arstechnica.com
Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:H
content-length: 20872
x-cf-tsc: 1614866395
x-cf2: M
last-modified: Thu, 04 Mar 2021 01:32:21 GMT
server: CFS 0215
x-cff: B
etag: "604038a5-5188"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 13152
accept-ranges: bytes
expires: Sun, 20 Jun 2021 23:59:33 GMT

GET
H2 200 opensans-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 19 KB
19 KB 56ms
52ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-bold-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 86096831a70c72ac0c08f5e65ae92d98330d9fd2b7511dde65ff50b8a16bfd9a

Request headers

Origin: https://arstechnica.com
Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:H
content-length: 19516
x-cf-tsc: 1614866377
x-cf2: M
last-modified: Thu, 04 Mar 2021 01:32:21 GMT
server: CFS 0215
x-cff: B
etag: "604038a5-4c3c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 31663
accept-ranges: bytes
expires: Sun, 20 Jun 2021 23:59:33 GMT

GET
H2 200 opensans-italic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 20 KB
21 KB 64ms
60ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-italic-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: c46974d8f6030e4888708b18a5d9a32b25eb765a5708896e1899df449d87aab7

Request headers

Origin: https://arstechnica.com
Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:H
content-length: 20748
x-cf-tsc: 1614866395
x-cf2: M
last-modified: Thu, 04 Mar 2021 01:32:21 GMT
server: CFS 0215
x-cff: B
etag: "604038a5-510c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 29888
accept-ranges: bytes
expires: Sun, 20 Jun 2021 23:59:33 GMT

GET
H2 200 bitter-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 22 KB
22 KB 70ms
66ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-bold-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 807271433f80bb33654a84ec904035be3d2b34e505a051e3469a47fe39ccb752

Request headers

Origin: https://arstechnica.com
Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-d2da6083f3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fB.cdg1:co:1525808045:cacheB.cdg1-01:H
content-length: 22104
x-cf-tsc: 1614866395
x-cf2: M
last-modified: Thu, 04 Mar 2021 01:32:21 GMT
server: CFS 0215
x-cff: B
etag: "604038a5-5658"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 31681
accept-ranges: bytes
expires: Sun, 20 Jun 2021 23:59:33 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 172 KB
58 KB 670ms
602ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js?_=1619395173161
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-e7aebfbfda.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9d19d1af09b3168474f8ec0141b4f35138b2215242d13a14553c45f8a969d678

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 16:12:29 GMT
etag: W/"2ae74-4kfs+RNTwallKVMCBDCG0wYVi0o"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 5dad27a9d9642b35d46af47420d5deee
timing-allow-origin: *, *
expires: Mon, 26 Apr 2021 03:59:33 GMT

GET
H/1.1 200
OK video_groups Show response
api.cnevids.com/v1/ 4 KB
1 KB 426ms
100ms XHR
application/json 3.85.138.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cnevids.com/v1/video_groups?filters={%22channel_key%22:%22arstechnica%22}&pagesize=20&endpoint=oo.arstechnica

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-e7aebfbfda.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.85.138.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-138-43.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

082b526f84a7149db4d26f1e929d06bf7cefab5f297ba13cc77bdbda22697e28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/*
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Status: 200 OK
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 663
X-XSS-Protection: 1; mode=block
X-Request-Id: 84ad0006-a49b-4ce7-b98d-fd6a1e6458ea
X-Runtime: 0.002178
X-Backend-Node: 10.110.78.147
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
X-Frame-Options: SAMEORIGIN
ETag: W/"162c03056318b5586a75303867d0676c"
X-Download-Options: noopen
Vary: Accept-Encoding, Origin
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: max-age=0, private, must-revalidate

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.16.0/ 374 KB
84 KB 13ms
13ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dGCXlveaBvO7BI0nfZKP+g==
age: 2093574
vary: Accept-Encoding
content-length: 85065
cf-request-id: 09ad12738100004e617483f000000001
x-ms-lease-status: unlocked
last-modified: Mon, 29 Mar 2021 02:12:28 GMT
server: cloudflare
etag: 0x8D8F2581A370641
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: be1a1759-401e-017c-7124-270386000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 645b8698cd0b4e61-FRA
expires: Mon, 03 May 2021 23:59:33 GMT

GET
H2 200 pubads_impl_2021042001.js Show response
securepubads.g.doubleclick.net/gpt/ 301 KB
106 KB 103ms
37ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

a2aca9aa200ad3e4dd9afcd27fd2bd5b272a5d297e9f85d708394857ca6a1ffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Apr 2021 08:40:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107961
x-xss-protection: 0
expires: Sun, 25 Apr 2021 23:59:33 GMT

GET
H/1.1 200
OK /
srv-1970-01-01-00.pixel.parsely.com/plogger/ 43 B
229 B 417ms
97ms Image
image/gif 3.224.128.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-1970-01-01-00.pixel.parsely.com/plogger/
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.128.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-128-70.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:33 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
fpa-events.arstechnica.com/plogger/ 43 B
257 B 432ms
97ms Image
image/gif 52.73.123.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fpa-events.arstechnica.com/plogger/?rand=1619395173279&plid=56565781&idsite=arstechnica.com&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&sref=&sts=1619395173275&slts=0&title=Booby-trapped+Word+documents+in+the+wild+exploit+critical+Microsoft+0-day+%7C+Ars+Technica&date=Mon+Apr+26+2021+01%3A59%3A33+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=66573611&u=pid%3De154e40a6d65710f2fc1be2d151f2954
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.123.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-123-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:33 GMT
Cache-Control: no-cache
Last-Modified: Sunday, 25-Apr-2021 23:59:33 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK ars-technica.config.js Show response
pixel.condenastdigital.com/config/v2/production/ 8 KB
2 KB 81ms
20ms Script
application/javascript 151.101.192.239
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.condenastdigital.com/config/v2/production/ars-technica.config.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 281ba70d6e7e5c193cd6b4bbb0c656e15e9479573bc02debaeba7c084c37bb21

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:33 GMT
Content-Encoding: gzip
Age: 204679
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 1288
x-amz-id-2: xXZXkiNgWP4MDgFMT/EHIn0UI8LDh658a1Iguh9wMhV2nHJ4yh7/mPwaVrmXzVoNvFKnvOLpnoA=
X-Served-By: cache-bwi5168-BWI, cache-cdg20752-CDG
Access-Control-Allow-Origin: *
Last-Modified: Fri, 23 Apr 2021 15:07:51 GMT
Server: AmazonS3
X-Timer: S1619395173.350570,VS0,VE1
ETag: "6fc027161d3e51fb7aa83372ee003894"
Vary: Accept-Encoding
x-amz-request-id: GCNQQD92PV181WJN
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 23 Apr 2021 21:08:14 GMT
Cache-Control: no-cache, public, max-age=604800
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 1, 1

POST
H2

200

/ Show response
r.skimresources.com/api/
Redirect Chain

https://r.skimresources.com/api/
https://r.skimresources.com/api/?xguid=01F45QJPZ9NF3MAM5YGGQ13Z1A&persistence=1&checksum=c13eef625ccb719c70509a8d443ec9299f42c21cdf3aabf595c199a38afc695f

173 B
487 B

28ms
27ms

XHR
application/json

35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/?xguid=01F45QJPZ9NF3MAM5YGGQ13Z1A&persistence=1&checksum=c13eef625ccb719c70509a8d443ec9299f42c21cdf3aabf595c199a38afc695f

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

b3954c6cc46e0410df9329ad37228c369fc480970c0fd5475dcff46db48c6a7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://arstechnica.com
vary: Accept-Encoding
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
via: 1.1 google

Redirect headers

date: Sun, 25 Apr 2021 23:59:33 GMT
via: 1.1 google
server: openresty/1.11.2.5
access-control-allow-origin: https://arstechnica.com
strict-transport-security: max-age=31536000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location: https://r.skimresources.com/api/?xguid=01F45QJPZ9NF3MAM5YGGQ13Z1A&persistence=1&checksum=c13eef625ccb719c70509a8d443ec9299f42c21cdf3aabf595c199a38afc695f
access-control-allow-credentials: true
content-type: text/html
alt-svc: clear
content-length: 193

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame F65B 0
102 B 69ms
26ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.9121723447669923
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
via: 1.1 google
server: Python/3.7 aiohttp/3.5.4
alt-svc: clear
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
244 B 68ms
25ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=0.1748670929686713
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 68ms
26ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=0.1748670929686713
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1140
date: Sun, 25 Apr 2021 23:40:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 26 Apr 2021 01:40:33 GMT

GET
H2 200 v2 Show response
z-na.associates-amazon.com/onetag/ 11 KB
4 KB 222ms
80ms Script
text/javascript 143.204.234.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.234.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-234-45.cph50.r.cloudfront.net
Software: Server /
Resource Hash: 7475f5c70d3b6020b6f4621b2e69fba3360bea00a913e60b085af165b93842ec

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 06:57:11 GMT
content-encoding: gzip
accept-charset: UTF-8
server: Server
age: 61342
x-amz-rid: RG5WTTF5SY3CNZSC7Q8T
vary: accept-encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: 3V2SVdyUV4cwNr9G74GH7BP_DdmUh0pGjUUr0csvghl3KK-itzQ41Q==
via: 1.1 b91a90a28488c8f64670c4717a942dad.cloudfront.net (CloudFront)

GET
H2 200 plugin.js Show response
plugin.mediavoice.com/ 358 KB
133 KB 24ms
15ms Script
application/javascript 2606:4700::6813:da83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://plugin.mediavoice.com/plugin.js
Requested by: Host: cdn.mediavoice.com
URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:da83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ffeb969972ae39749979ba9b85e117d0782c5f3dc790c57c06103f6aa97e916

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 11893
content-type: application/javascript
content-length: 136099
cf-request-id: 09ad1273fe00001f1d17958000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Wed, 21 Apr 2021 20:40:43 GMT
server: cloudflare
etag: W/"60808dcb-59971"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-varnish: 2123701901
via: 1.1 varnish
cache-control: max-age=43200
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 645b869998941f1d-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 25 Apr 2021 20:57:18 GMT

GET
H2 200 condenastcorporate Show response
polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/arstechnica.com/organization/ 208 B
650 B 34ms
18ms XHR
application/json 2606:4700::6811:4032
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/arstechnica.com/organization/condenastcorporate
Requested by: Host: cdn.mediavoice.com
URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4032 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc40a5096530714279199bd98ffbe44f3108bf9dd183ec74d85f69705d86e25

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
server: cloudflare
etag: W/"f3cb63b5151ee861d177a2136e7d9989"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Country, CF-Ray
cache-control: max-age=3600
x-country: DE
cf-ray: 645b8699798d4a85-FRA
cf-request-id: 09ad1273ef00004a855bad0000000001

GET
H2 200 yi.js Show response
mb.moatads.com/ 1 KB
2 KB 128ms
48ms Script
text/html 34.253.102.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi.js?ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&confidence=2&pcode=condenastprebidheader987326845656&callback=MoatNadoAllJsonpRequest_1492163
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.102.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-102-121.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 9ad86f96d9ea0e5505f92387803f974d512460dddd02baf2578d71d6f5f23a3f

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "8f24d7dfa2fd3a3f83f58c8269742eb0503a407d"
content-length: 1515
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 34ms
33ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1619395173346&de=315357308592&d=CONDENAST_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=31f9dba90d-clean&iw=96661e7&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=arstechnica.com&bd=arstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day&ac=1&bq=11&f=0&na=150766751&cs=0
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 25 Apr 2021 23:59:33 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 170ms
56ms XHR
application/javascript 143.204.247.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-247-127.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 41369
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
date: Sun, 25 Apr 2021 12:30:25 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 1ebf52f5e79648444025879af65610d2.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: vOYEf01YmD0apgzkNN1nnDuGeppAo1VdAUYil-Mzq1xXsRilehXXwA==

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/ef17d20e-0b37-40e7-a82c-27f698052aea/ 144 KB
25 KB 10ms
9ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/ef17d20e-0b37-40e7-a82c-27f698052aea/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0bd4690251e5c8160cb7f363b6875636b2c8303fd5e1ec4c5aa6ce97ef2c437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: q2rb1hXNzd74dSH5F5Hb5Q==
age: 2520
vary: Accept-Encoding
content-length: 25274
cf-request-id: 09ad12742b000005e91db84000000001
x-ms-lease-status: unlocked
last-modified: Wed, 21 Apr 2021 13:50:43 GMT
server: cloudflare
etag: 0x8D904CC750F4BE8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3a3d0599-d01e-00d7-19df-3692c1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 645b8699da0505e9-FRA

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 242 KB
34 KB 14ms
13ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a052d66ed0e757990bd8ec897a24b7e410b11ca7e7704503c7401fb83bdecc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: b2AAhNDUadie13dYwy5Y4w==
age: 2315
vary: Accept-Encoding
content-length: 34177
cf-request-id: 09ad12742c000005e9e2152000000001
x-ms-lease-status: unlocked
last-modified: Sun, 25 Apr 2021 13:00:03 GMT
server: cloudflare
etag: 0x8D907EA0AA87684
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 69a87a4e-901e-0058-7ad5-39dc9d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 645b8699da0705e9-FRA

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/6.16.0/ 67 KB
15 KB 11ms
11ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/otTCF.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80187c5fc5664a19b370b9e1e348b7dd1beb8d94c686a5d4247251c08416dd69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jt+zHwQQ7xuPZTukKbMqww==
age: 1498507
vary: Accept-Encoding
content-length: 14819
cf-request-id: 09ad12742c00004e61698e5000000001
x-ms-lease-status: unlocked
last-modified: Mon, 29 Mar 2021 02:12:27 GMT
server: cloudflare
etag: 0x8D8F2581968B9FC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2bd46ced-a01e-005b-378e-2cdf9a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 645b8699ee364e61-FRA
expires: Mon, 03 May 2021 23:59:33 GMT

GET
H/1.1 200
OK recommendations Show response
api.condenast.io/v1/ 12 KB
4 KB 443ms
393ms Fetch
application/json 151.101.64.239
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.condenast.io/v1/recommendations?applicationID=cne-interlude-arstechnica&brand=arstechnica&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&filter%5Bstrategy%5D=POPULAR&filter%5BcontentType%5D=CNEVIDEO&filter%5Blanguage%5D=en&page%5Bsize%5D=5
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/interlude/arstechnica.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: d719cdff4b2a6e4b9f5c89a3f9018312eca453f4ab3c44795a814d1576038f5f

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
X-Backend: 2SrKDXXFWNz87LdtRpzPzK--F_api_eu_central_1_condenast_io
access-control-allow-origin: https://arstechnica.com
transfer-encoding: chunked
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-cdg20759-CDG
Server: nginx/1.15.8
X-Timer: S1619395173.489277,VS0,VE373
Vary: origin,accept-encoding, Accept-Encoding, Origin
Content-Type: application/json;charset=utf-8
Via: 1.1 varnish
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: private, max-age=0
access-control-allow-credentials: true
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H/1.1 200
OK sparrow.min.js Show response
pixel.condenastdigital.com/ 39 KB
14 KB 19ms
19ms Script
application/javascript 151.101.192.239
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.condenastdigital.com/sparrow.min.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 265974f7dd29be4bae22250bd4afd4e57a20eb3c12dc8f623218e1cd8b03fd76

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:33 GMT
Content-Encoding: gzip
Age: 253091
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 13716
x-amz-id-2: hv3TeSvLstde7cZjf9MYdwsSx17S9sAnFb3EQ0GDjgYcyWffgKHfnt9yY+Ssf1JTjW5uYJw2MHg=
X-Served-By: cache-bwi5128-BWI, cache-cdg20752-CDG
Access-Control-Allow-Origin: *
Last-Modified: Mon, 11 Jan 2021 15:41:14 GMT
Server: AmazonS3
X-Timer: S1619395173.439679,VS0,VE0
ETag: "30d7c159549adc8b40ad11e587074634"
Vary: Accept-Encoding
x-amz-request-id: 57K365KAM6CD17G0
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 11 Mar 2021 15:24:09 GMT
Cache-Control: no-cache, public, max-age=604800
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 1, 25125

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
882 B 14ms
13ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2719
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Mon, 26 Apr 2021 00:14:14 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
535 B 33ms
14ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://arstechnica.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/ 9 KB
3 KB 11ms
11ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfed96db853cb6e2053513daf02c9dec0e5c052e268d2b7f47c245c17ba5cdec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: fRJA75J6r2mGFJ+1cXZ3Ag==
age: 540059
vary: Accept-Encoding
content-length: 2571
cf-request-id: 09ad1274e3000005e93032d000000001
x-ms-lease-status: unlocked
last-modified: Mon, 29 Mar 2021 02:12:20 GMT
server: cloudflare
etag: 0x8D8F2581561D893
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d7f4a0b4-701e-0059-0e45-35dd60000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 645b869b0b4705e9-FRA
expires: Mon, 03 May 2021 23:59:33 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
464 B 72ms
47ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://arstechnica.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
infinityid.condenastdigital.com/ 36 B
1 KB 417ms
106ms XHR
text/plain 54.164.187.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://infinityid.condenastdigital.com/?rand=1619395173639
Requested by: Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.187.255 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-187-255.compute-1.amazonaws.com
Software: nginx/1.15.8 /
Resource Hash: 7521115e34e5890491443f2e72c69a83b8462b38a97ff4eed30aa01f6737adf2

Request headers

Accept: text/plain
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:34 GMT
content-encoding: gzip
Server: nginx/1.15.8
vary: origin,accept-encoding
Content-Type: text/plain; charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
access-control-allow-credentials: true
Connection: keep-alive
transfer-encoding: chunked
expires: 0

GET
H/1.1 200
OK content Show response
4d.condenastdigital.com/ 4 KB
2 KB 424ms
113ms XHR
application/json 35.170.235.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://4d.condenastdigital.com/content?url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F
Requested by: Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.235.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-235-46.compute-1.amazonaws.com
Software: /
Resource Hash: 36db514bee2ec91f56cac3fbce1295fdedf90e41d587733fb70f4fd265a4b342

Request headers

Accept: text/plain
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:34 GMT
content-encoding: gzip
transfer-encoding: chunked
Content-Type: application/json; charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
access-control-allow-credentials: true
Connection: keep-alive

GET
H/1.1 200
OK track
capture.condenastdigital.com/ 48 B
48 B 413ms
97ms Image
image/gif 3.223.14.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_ts=2021-04-25T23%3A59%3A33.640Z&_t=pubadsReady&cBr=Ars%20Technica&cKe=exploits%7Cmicrosoft%7Coffice%7Cvulnerabilities%7CWord%7Czeroday&cCh=information%20technology&cTi=Booby-trapped%20Word%20documents%20in%20the%20wild%20exploit%20critical%20Microsoft%200-day&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=749&cId=1074069&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day&pRt=referral&pHp=%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pWw=1600&pWh=1200&pPw=1600&pPh=4900&pSw=1600&pSh=1200&uID=6b4bb62e-fad2-4bc1-b4e4-206e940eb385&uNw=1&uUq=1&sID=eaf4b48a-1691-41a8-89c8-b724a71460e3&pID=87f69aff-c8b4-4807-b9de-3ca04c84fcaf&uDt=desktop&dim1=%7B%22runtimeId%22%3A%22rEeTfjGtaQBBo%22%2C%22pageContext%22%3A%7B%22contentType%22%3A%22article%22%2C%22templateType%22%3A%22article%22%2C%22channel%22%3A%22information-technology%22%2C%22slug%22%3A%22booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%22%2C%22server%22%3A%22production%22%2C%22keywords%22%3A%7B%22tags%22%3A%5B%22exploits%22%2C%22microsoft-3%22%2C%22office%22%2C%22vulnerabilities%22%2C%22word%22%2C%22zeroday%22%5D%2C%22cm%22%3A%5B%5D%2C%22platform%22%3A%5B%22wordpress%22%5D%2C%22copilotid%22%3A%22%22%7D%7D%2C%22version%22%3A%226.45.0%22%7D&_o=ars-technica&_c=ad_metrics&environment=prod&origin=ars-technica
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.14.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-14-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 23:59:34 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
339 B 30ms
29ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:33 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://arstechnica.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 22

GET
H/1.1 200
OK 5b27ee7e8c1abc4e7900000f Show response
api.cnevids.com/v1/video_groups/ 94 KB
16 KB 181ms
180ms XHR
application/json 3.85.138.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cnevids.com/v1/video_groups/5b27ee7e8c1abc4e7900000f?endpoint=oo.arstechnica

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-e7aebfbfda.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.85.138.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-85-138-43.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

1a4c6423c6be25dfcd527eefad63698b6aefd63d79802bba6917cdd458fcab1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/*
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Status: 200 OK
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 15829
X-XSS-Protection: 1; mode=block
X-Request-Id: da6ef91b-4be6-4684-9f45-fc2b6277122c
X-Runtime: 0.004876
X-Backend-Node: 10.110.27.220
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
X-Frame-Options: SAMEORIGIN
ETag: W/"c0d6e9e20405c334c9e19449ae365215"
X-Download-Options: noopen
Vary: Accept-Encoding, Origin
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: max-age=0, private, must-revalidate

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
370 B 88ms
87ms XHR
text/javascript 143.204.247.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3035&u=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pid=obODZkEnOBs2k&cb=0&ws=1600x1200&v=7.61.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x50%22%2C%22300x250%22%2C%22320x50%22%2C%22728x90%22%5D%2C%22sn%22%3A%22mid-content%2Fdesktop%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22hero%2Fdesktop%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22rail%2Fdesktop%22%7D%5D&pj=%7B%22si_section%22%3A%22information-technology%22%2C%22us_privacy%22%3A%221---%22%7D&cfgv=0&gdpre=1&gdprc=CPFPBf3PFPBf3AcABBENBXCgAAAAAAAAAChQAAAAAAJBAGIAAoAHAAeABcAD4ALQAfABGACSAGIAP4AkQBXADNAG0AOIAcgA5wB1AD_AIGAQcAkQBPwChgGEAOqAh8BHoCQgErAJtAWEAugBdQC7QF5AMQAYsAyEBkYDKAGhANGAaUA1MBtADbgG6AOCCQVQAEAALgAoACoAGQAOAAeABAACIAGEANAA1AB5AEMARAAmABPgCqAKwAWAAuABvADmAHoAQgAhoBEAESAI6ASwBLgCaAFKALcAYYAyABlwDUANUAbIA7wB7AD4gH2AfoBAICLgIwARoAjgBKQCggFLAKeAVcAuYBfgDFAGsANoAbgA3gB6AD5AIbAQ6Ai8BIgCYgEygJsATsAocBSICxQFoALYAXIAu8BeYDAgGDAMJAYaAw8BkQDJAGTgMuAZyAz4BpADToGsAayGAKAALAAuAEYAJIAVQAxABvAGkANUAcQBLQDqAJCAUOAugBfQDFgGRgNCAboGgSgBWAC4AIYAZAAywBqADZAHYAPwAgABBQCMAFLAKeAVeAtAC0gGsAN4AdUA-QCGwEOgIqAReAkQBNgCdgFIgLkAYEAwkBh4DGAGTgM5AZ4Az4QAVAAWABcAGoARgAkgBVADEAG8AVwA1QBxAEiAJaAbgA3gCQgFDgLoAYsA0IBugiA-AFYALgAhgBkADLAGoANkAdgA_ACAAEYAKWAU8Aq4BrADqgHyAQ2Ah0BF4CRAE2AJ2AUiAuQBgQDCQGHgMnAZyAz4VAdAAoAEMAJgAXABHADLAGoAOwAfgBGACOAFLAKvAWgBaQDeAJBATEAmwBTYC2AFyALzAYEAw8BkQDOQGeAM-AbkKAHABiAGqANoAcQA5AB4AEFAJaAdUBHoC-gGaANCAa8MgNAAUACGAEwALgAjgBlgDUAHZAPsA_ACMAEcAKWAVcArYBvAExAJsAWiAtgBeYDAgGHgMiAZyAzwBnwwAaADUAMQA1QBtADiAHIAPAAloBYgDqgI9AXkA0IcBcAAEAAiABwAHgAXAA-AC0AHIAPwAggBGAC6AGQANAAfwBIgCdAFmAL4AZYAzQBpADVAG0AOIAcgA5wB1ADsAHcAQAAgYBBYCDgIQAREAkQBLQCbQE-AT8ApYBUAC2gF6gMAAwIBhADMgGsANeAbwA44B0gDqgHkAPkAhCBD4EQAI9ASFAlYCVwExAJlATaAoUBSACkwFMAKmAVUArYBXICuwFlALSAWoAuKBdAF1AL2AX0AwIBiADFgGQgMoAZeA0KBooGjANKAaaA1MBrwDaAG2ANuHQZgAFwAUABUADIAHAAQAAiABdADAAMYAaABqADwAH0AQwBEACYAE-AKoArABYAC4AF8AMQAZgA3gBzAD0AIQAQ0AiACJAEdAJYAmABNACjAFKALEAW8AwgDDAGQAMoAaIA1ABsgDfAHeAPaAfYB-gD_gIsAjABHICUgJUAUEAp4BVwCxQFoAWkAuYBdQC8gF-AMUAbQA3EB0wHUAPQAhsBDoCIgEVAIvASCAkQBKgCbAE7AKHAU0AqwBYoC0AFsALgAXIAu0Bd4C8wGDAMJAYaAw8BiQDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNOAawA2MgAwAAQAD8AIIAaAA_gCRAFuAL4AZYA1QBtADiAHIAOcAdgA8ACCgE-AKWAWIAwABhADMgG8AOqAdsBD4CPQEhAJXATEAm0BQoCkAFJgK2AXQAvIBewC-gGBAM0AaEA0UBpQDUwG2ANuIQPAAFgAUAAyACIAFwAMQAhgBMACqAFwAL4AYgAzABvAD0AI4AWIAwgBlADUAG-AO-AfYB-AD_AIwARwAlIBQQChgFPAKvAWgBaQC5gF-AMUAbQA6gB6AEggJEASoAmwBTQCxQFogLYAXAAuQBdoDDwGJAMiAZOAzkBngDPgGiANJAaWA4AkAjAAEAA4AC4AIQAcgBkADeAJEAXIAvgBlgDUAG0AO4AgABCQCWgE-AKgAa8A3gB1QD7AJWATaApMBZQC0gF7AL6AYiAxYBoQDSgG5EoHQACAAFgAUAAyABwAEUAMAAxAB4AEQAJgAVQAuABfADEAGYANoAhABDQCIAIkARwAowBSgC3AGEAMoAaoA2QB3gD8AIwARwAp4BV4C0ALSAXUAxQBuADqAHyAQ6AioBF4CRAE2ALFAWwAu0BeYDDwGRAMnAZYAzkBngDPgGkANYAcAUAigACAAuAB8AEIALQAcgA_ACMAFYAMgAbQA3gByAEcAJEAToAuQBfADLAGoANcAbQA4gBzgDqAHcAPAAgABBwCEgEVAJEAS0Am0BPgE_AKWAWIAuoBgADCAGKANeAbwA6oB2wDyAHyAP-Aj0BMQCZQE2gKQAUwAqYBXYC0AF0ALyAX0AwIBiwDQgGiANKAabA1IDUwGvAOCKQSgAFwAUABUADIAHAAQAAigBgAGMANAA1AB5AEMARAAmABPACkAFUALAAXAAvgBiADMAHMAQgAhoBEAESAKMAUoAsQBbgDCAGUANEAaoA2QB3wD7AP0AiwBGACOAEpAKCAUMAq4BWwC5gF5ANoAbgA9ACHQEXgJEATYAnYBQ4CmgFbALFAWwAuABcgC7QF5gMNAYeAxgBkQDJAGTgMuAZyAzwBn0DSANJgawBrIDYwAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-247-127.cph50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
via: 1.1 6e7498469e2ca10a35f5f52ababba925.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CPH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: fBBqIlq9NowNzfoycqaDftKUdjt4Y9AfL6N4vP5YxcoRKNAH7X8Nkw==

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 335 B
2 KB 192ms
101ms XHR
application/json 213.19.162.51
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552970&size_id=15&alt_size_ids=2%2C43%2C44&us_privacy=1---&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&tg_i.cnt_tags=exploits%2Cmicrosoft-3%2Coffice%2Cvulnerabilities%2Cword%2Czeroday&tk_flint=pbjs_lite_v4.32.0&x_source.tid=9a9bb9de-a6f8-4eeb-9711-564138a47a87&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&slots=1&rand=0.22330597020326248
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: db4649494b4b305c5539ed3c0ee954f538e3b953b930902c4c84f40e8d0e7108

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 23:59:33 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 335
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
373 B 237ms
176ms XHR
application/json 184.25.115.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=375855&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223764f05eff51b8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.32.0%22%2C%22msd%22%3A3%2C%22msi%22%3A3%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22442eaaf373cbda%22%2C%22ext%22%3A%7B%22siteID%22%3A%22375855%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22442eaaf373cbda%22%2C%22ext%22%3A%7B%22siteID%22%3A%22375855%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22442eaaf373cbda%22%2C%22ext%22%3A%7B%22siteID%22%3A%22375855%22%2C%22sid%22%3A%22300x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22442eaaf373cbda%22%2C%22ext%22%3A%7B%22siteID%22%3A%22375855%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-31.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 302ad78f250c6648ffd32cf3bc473a9104bf807b617823a89f8247a1230bb02c

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[FR], RC:[IDF], CN:[EU], CIP:[185.128.25.236], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://arstechnica.com
x-cs-client-geo: 28
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 28
expires: Sun, 25 Apr 2021 23:59:33 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 153ms
94ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

901faa59d208ffaf7ce2cb9f8d1e4e5816dde4bd71b9c7257628adbdfd756c57

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 23:59:33 GMT
X-Proxy-Origin: 185.128.25.236; 185.128.25.236; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.48:80
AN-X-Request-Uuid: a0fde598-9d28-460b-9363-3c26518556a1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
475 B 164ms
92ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a969ce00175757040bb70c50400002c&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: a279c31dc8aece465847bf33b5650f77c92bf389ad5378bb962bbe7014ff6989

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 25 Apr 2021 23:59:33 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://arstechnica.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET arj
condenastus-d.openx.net/w/1.0/ 0
0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
804 B 125ms
67ms XHR
application/json 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU65UN7R
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7ed6539405692e1eb89915fb56407ff64dfab01f3088befe6634c89c7e11d77b

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json;charset=ISO-8859-1
access-control-allow-origin: https://arstechnica.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 576
expires: Sun, 25 Apr 2021 23:59:33 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 329 B
2 KB 205ms
99ms XHR
application/json 213.19.162.51
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552960&size_id=2&alt_size_ids=57&us_privacy=1---&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&tg_i.cnt_tags=exploits%2Cmicrosoft-3%2Coffice%2Cvulnerabilities%2Cword%2Czeroday&tk_flint=pbjs_lite_v4.32.0&x_source.tid=e78fc5df-e7cd-4f29-af9b-e0c1002444a7&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&slots=1&rand=0.07164299027553511
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: d629be57195e2f2eb415a646bf16729d1834b6cf56764b597f9b0dd003b6c031

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 23:59:33 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 329
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 329 B
2 KB 230ms
123ms XHR
application/json 213.19.162.51
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552962&size_id=2&alt_size_ids=57&us_privacy=1---&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&tg_i.cnt_tags=exploits%2Cmicrosoft-3%2Coffice%2Cvulnerabilities%2Cword%2Czeroday&tk_flint=pbjs_lite_v4.32.0&x_source.tid=e78fc5df-e7cd-4f29-af9b-e0c1002444a7&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&slots=1&rand=0.13368650510952418
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 847f38c34d4d2ea5a88f656d04e7011a89ffe7162a366d1f709229e70b5c4e81

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 23:59:33 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 329
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 6 KB
4 KB 179ms
126ms XHR
application/json 184.25.115.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=375849&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221696f3faa185437%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.32.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221711e413709a7cd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22375849%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2218a27c604ad7942%22%2C%22ext%22%3A%7B%22siteID%22%3A%22375848%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-31.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1c7dfd0be65c82b1a647b30a807508b520489b3aa44c17a75d4134b7d0deb5ec

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[FR], RC:[IDF], CN:[EU], CIP:[185.128.25.236], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://arstechnica.com
x-cs-client-geo: 28
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 4142
x-ak-client-geo: 28
expires: Sun, 25 Apr 2021 23:59:33 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 258 B
1 KB 228ms
81ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

3db201265ff930de1145cad85c826a123a514c601bd761a8f1e942ad2058c5a1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 23:59:33 GMT
X-Proxy-Origin: 185.128.25.236; 185.128.25.236; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.53:80
AN-X-Request-Uuid: 599466a7-90aa-4b46-a712-31c6cb9a2444
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 258
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
475 B 236ms
78ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a969ce00175757040bb70c4ff01002a&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 4d2d6db4bd01b1aef48e4d572db47602ca09a50d1528748f88d5d2830532b730

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 25 Apr 2021 23:59:33 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://arstechnica.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
475 B 319ms
83ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a9691380175757044fd70c4fff3002b&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 456741f052fb96cb3fe51a56a61fa3d6aaf8a7ba345d3ceac0d07cd0110bd8c5

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 25 Apr 2021 23:59:33 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://arstechnica.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H2 200 arj Show response
condenastus-d.openx.net/w/1.0/ 188 B
367 B 1099ms
30ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://condenastus-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e78fc5df-e7cd-4f29-af9b-e0c1002444a7%2Ce78fc5df-e7cd-4f29-af9b-e0c1002444a7&nocache=1619395173684&us_privacy=1---&aus=728x90%2C970x250%7C728x90%2C970x250&divIds=hero_728x90_970x250%2Chero_728x90_970x250&auid=541000619%2C541000563&aumfs=50%2C50
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 5fe4d6de64d3d8be44720e779a9a9f4a7f1dabb7f19e1a02debeaac7c22da635

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:34 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://arstechnica.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 174
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
802 B 119ms
67ms XHR
application/json 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU65UN7R
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 837433070e29027e219300b61bb600ddd9307c1555a4a2a6d8df1d98ad1a1c78

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json;charset=ISO-8859-1
access-control-allow-origin: https://arstechnica.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 574
expires: Sun, 25 Apr 2021 23:59:33 GMT

GET
H/1.1 200
OK andoncord Show response
assoc-na.associates-amazon.com/onetag/ 16 B
375 B 1336ms
110ms XHR
application/json 72.21.195.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assoc-na.associates-amazon.com/onetag/andoncord
Requested by: Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: Server /
Resource Hash: c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:34 GMT
Server: Server
x-amz-rid: 88JFV1X1FHYDXMRHN098
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://arstechnica.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 16

POST
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Ping
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-31997-1&cid=1527306430.1619395174&jid=1320808173&gjid=1295366292&_gid=2044715989.1619395174&_u=aGBAgUAjAAQCAE~&z=1950760943

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 25 Apr 2021 23:59:33 GMT
content-type: text/plain
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
389 B 112ms
37ms XHR
application/json 52.18.54.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183973&gdpr=1&gdpr_consent=CPFPBf3PFPBf3AcABBENBXCgAAAAAAAAAChQAAAAAAJBAGIAAoAHAAeABcAD4ALQAfABGACSAGIAP4AkQBXADNAG0AOIAcgA5wB1AD_AIGAQcAkQBPwChgGEAOqAh8BHoCQgErAJtAWEAugBdQC7QF5AMQAYsAyEBkYDKAGhANGAaUA1MBtADbgG6AOCCQVQAEAALgAoACoAGQAOAAeABAACIAGEANAA1AB5AEMARAAmABPgCqAKwAWAAuABvADmAHoAQgAhoBEAESAI6ASwBLgCaAFKALcAYYAyABlwDUANUAbIA7wB7AD4gH2AfoBAICLgIwARoAjgBKQCggFLAKeAVcAuYBfgDFAGsANoAbgA3gB6AD5AIbAQ6Ai8BIgCYgEygJsATsAocBSICxQFoALYAXIAu8BeYDAgGDAMJAYaAw8BkQDJAGTgMuAZyAz4BpADToGsAayGAKAALAAuAEYAJIAVQAxABvAGkANUAcQBLQDqAJCAUOAugBfQDFgGRgNCAboGgSgBWAC4AIYAZAAywBqADZAHYAPwAgABBQCMAFLAKeAVeAtAC0gGsAN4AdUA-QCGwEOgIqAReAkQBNgCdgFIgLkAYEAwkBh4DGAGTgM5AZ4Az4QAVAAWABcAGoARgAkgBVADEAG8AVwA1QBxAEiAJaAbgA3gCQgFDgLoAYsA0IBugiA-AFYALgAhgBkADLAGoANkAdgA_ACAAEYAKWAU8Aq4BrADqgHyAQ2Ah0BF4CRAE2AJ2AUiAuQBgQDCQGHgMnAZyAz4VAdAAoAEMAJgAXABHADLAGoAOwAfgBGACOAFLAKvAWgBaQDeAJBATEAmwBTYC2AFyALzAYEAw8BkQDOQGeAM-AbkKAHABiAGqANoAcQA5AB4AEFAJaAdUBHoC-gGaANCAa8MgNAAUACGAEwALgAjgBlgDUAHZAPsA_ACMAEcAKWAVcArYBvAExAJsAWiAtgBeYDAgGHgMiAZyAzwBnwwAaADUAMQA1QBtADiAHIAPAAloBYgDqgI9AXkA0IcBcAAEAAiABwAHgAXAA-AC0AHIAPwAggBGAC6AGQANAAfwBIgCdAFmAL4AZYAzQBpADVAG0AOIAcgA5wB1ADsAHcAQAAgYBBYCDgIQAREAkQBLQCbQE-AT8ApYBUAC2gF6gMAAwIBhADMgGsANeAbwA44B0gDqgHkAPkAhCBD4EQAI9ASFAlYCVwExAJlATaAoUBSACkwFMAKmAVUArYBXICuwFlALSAWoAuKBdAF1AL2AX0AwIBiADFgGQgMoAZeA0KBooGjANKAaaA1MBrwDaAG2ANuHQZgAFwAUABUADIAHAAQAAiABdADAAMYAaABqADwAH0AQwBEACYAE-AKoArABYAC4AF8AMQAZgA3gBzAD0AIQAQ0AiACJAEdAJYAmABNACjAFKALEAW8AwgDDAGQAMoAaIA1ABsgDfAHeAPaAfYB-gD_gIsAjABHICUgJUAUEAp4BVwCxQFoAWkAuYBdQC8gF-AMUAbQA3EB0wHUAPQAhsBDoCIgEVAIvASCAkQBKgCbAE7AKHAU0AqwBYoC0AFsALgAXIAu0Bd4C8wGDAMJAYaAw8BiQDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNOAawA2MgAwAAQAD8AIIAaAA_gCRAFuAL4AZYA1QBtADiAHIAOcAdgA8ACCgE-AKWAWIAwABhADMgG8AOqAdsBD4CPQEhAJXATEAm0BQoCkAFJgK2AXQAvIBewC-gGBAM0AaEA0UBpQDUwG2ANuIQPAAFgAUAAyACIAFwAMQAhgBMACqAFwAL4AYgAzABvAD0AI4AWIAwgBlADUAG-AO-AfYB-AD_AIwARwAlIBQQChgFPAKvAWgBaQC5gF-AMUAbQA6gB6AEggJEASoAmwBTQCxQFogLYAXAAuQBdoDDwGJAMiAZOAzkBngDPgGiANJAaWA4AkAjAAEAA4AC4AIQAcgBkADeAJEAXIAvgBlgDUAG0AO4AgABCQCWgE-AKgAa8A3gB1QD7AJWATaApMBZQC0gF7AL6AYiAxYBoQDSgG5EoHQACAAFgAUAAyABwAEUAMAAxAB4AEQAJgAVQAuABfADEAGYANoAhABDQCIAIkARwAowBSgC3AGEAMoAaoA2QB3gD8AIwARwAp4BV4C0ALSAXUAxQBuADqAHyAQ6AioBF4CRAE2ALFAWwAu0BeYDDwGRAMnAZYAzkBngDPgGkANYAcAUAigACAAuAB8AEIALQAcgA_ACMAFYAMgAbQA3gByAEcAJEAToAuQBfADLAGoANcAbQA4gBzgDqAHcAPAAgABBwCEgEVAJEAS0Am0BPgE_AKWAWIAuoBgADCAGKANeAbwA6oB2wDyAHyAP-Aj0BMQCZQE2gKQAUwAqYBXYC0AF0ALyAX0AwIBiwDQgGiANKAabA1IDUwGvAOCKQSgAFwAUABUADIAHAAQAAigBgAGMANAA1AB5AEMARAAmABPACkAFUALAAXAAvgBiADMAHMAQgAhoBEAESAKMAUoAsQBbgDCAGUANEAaoA2QB3wD7AP0AiwBGACOAEpAKCAUMAq4BWwC5gF5ANoAbgA9ACHQEXgJEATYAnYBQ4CmgFbALFAWwAuABcgC7QF5gMNAYeAxgBkQDJAGTgMuAZyAzwBn0DSANJgawBrIDYwAAA.YAAAAAAAAAAA
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.54.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-54-41.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bd4c29326c981c8b38ab6caf8fccb7fcae4b6d01e75d6a49da6fbc37c0c48c67

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://arstechnica.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Tue, 25 May 2021 23:59:33 GMT

GET
H2 204 identity Show response
api.rlcdn.com/api/ 0
246 B 325ms
26ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope&cv=CPFPBf3PFPBf3AcABBENBXCgAAAAAAAAAChQAAAAAAJBAGIAAoAHAAeABcAD4ALQAfABGACSAGIAP4AkQBXADNAG0AOIAcgA5wB1AD_AIGAQcAkQBPwChgGEAOqAh8BHoCQgErAJtAWEAugBdQC7QF5AMQAYsAyEBkYDKAGhANGAaUA1MBtADbgG6AOCCQVQAEAALgAoACoAGQAOAAeABAACIAGEANAA1AB5AEMARAAmABPgCqAKwAWAAuABvADmAHoAQgAhoBEAESAI6ASwBLgCaAFKALcAYYAyABlwDUANUAbIA7wB7AD4gH2AfoBAICLgIwARoAjgBKQCggFLAKeAVcAuYBfgDFAGsANoAbgA3gB6AD5AIbAQ6Ai8BIgCYgEygJsATsAocBSICxQFoALYAXIAu8BeYDAgGDAMJAYaAw8BkQDJAGTgMuAZyAz4BpADToGsAayGAKAALAAuAEYAJIAVQAxABvAGkANUAcQBLQDqAJCAUOAugBfQDFgGRgNCAboGgSgBWAC4AIYAZAAywBqADZAHYAPwAgABBQCMAFLAKeAVeAtAC0gGsAN4AdUA-QCGwEOgIqAReAkQBNgCdgFIgLkAYEAwkBh4DGAGTgM5AZ4Az4QAVAAWABcAGoARgAkgBVADEAG8AVwA1QBxAEiAJaAbgA3gCQgFDgLoAYsA0IBugiA-AFYALgAhgBkADLAGoANkAdgA_ACAAEYAKWAU8Aq4BrADqgHyAQ2Ah0BF4CRAE2AJ2AUiAuQBgQDCQGHgMnAZyAz4VAdAAoAEMAJgAXABHADLAGoAOwAfgBGACOAFLAKvAWgBaQDeAJBATEAmwBTYC2AFyALzAYEAw8BkQDOQGeAM-AbkKAHABiAGqANoAcQA5AB4AEFAJaAdUBHoC-gGaANCAa8MgNAAUACGAEwALgAjgBlgDUAHZAPsA_ACMAEcAKWAVcArYBvAExAJsAWiAtgBeYDAgGHgMiAZyAzwBnwwAaADUAMQA1QBtADiAHIAPAAloBYgDqgI9AXkA0IcBcAAEAAiABwAHgAXAA-AC0AHIAPwAggBGAC6AGQANAAfwBIgCdAFmAL4AZYAzQBpADVAG0AOIAcgA5wB1ADsAHcAQAAgYBBYCDgIQAREAkQBLQCbQE-AT8ApYBUAC2gF6gMAAwIBhADMgGsANeAbwA44B0gDqgHkAPkAhCBD4EQAI9ASFAlYCVwExAJlATaAoUBSACkwFMAKmAVUArYBXICuwFlALSAWoAuKBdAF1AL2AX0AwIBiADFgGQgMoAZeA0KBooGjANKAaaA1MBrwDaAG2ANuHQZgAFwAUABUADIAHAAQAAiABdADAAMYAaABqADwAH0AQwBEACYAE-AKoArABYAC4AF8AMQAZgA3gBzAD0AIQAQ0AiACJAEdAJYAmABNACjAFKALEAW8AwgDDAGQAMoAaIA1ABsgDfAHeAPaAfYB-gD_gIsAjABHICUgJUAUEAp4BVwCxQFoAWkAuYBdQC8gF-AMUAbQA3EB0wHUAPQAhsBDoCIgEVAIvASCAkQBKgCbAE7AKHAU0AqwBYoC0AFsALgAXIAu0Bd4C8wGDAMJAYaAw8BiQDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNOAawA2MgAwAAQAD8AIIAaAA_gCRAFuAL4AZYA1QBtADiAHIAOcAdgA8ACCgE-AKWAWIAwABhADMgG8AOqAdsBD4CPQEhAJXATEAm0BQoCkAFJgK2AXQAvIBewC-gGBAM0AaEA0UBpQDUwG2ANuIQPAAFgAUAAyACIAFwAMQAhgBMACqAFwAL4AYgAzABvAD0AI4AWIAwgBlADUAG-AO-AfYB-AD_AIwARwAlIBQQChgFPAKvAWgBaQC5gF-AMUAbQA6gB6AEggJEASoAmwBTQCxQFogLYAXAAuQBdoDDwGJAMiAZOAzkBngDPgGiANJAaWA4AkAjAAEAA4AC4AIQAcgBkADeAJEAXIAvgBlgDUAG0AO4AgABCQCWgE-AKgAa8A3gB1QD7AJWATaApMBZQC0gF7AL6AYiAxYBoQDSgG5EoHQACAAFgAUAAyABwAEUAMAAxAB4AEQAJgAVQAuABfADEAGYANoAhABDQCIAIkARwAowBSgC3AGEAMoAaoA2QB3gD8AIwARwAp4BV4C0ALSAXUAxQBuADqAHyAQ6AioBF4CRAE2ALFAWwAu0BeYDDwGRAMnAZYAzkBngDPgGkANYAcAUAigACAAuAB8AEIALQAcgA_ACMAFYAMgAbQA3gByAEcAJEAToAuQBfADLAGoANcAbQA4gBzgDqAHcAPAAgABBwCEgEVAJEAS0Am0BPgE_AKWAWIAuoBgADCAGKANeAbwA6oB2wDyAHyAP-Aj0BMQCZQE2gKQAUwAqYBXYC0AF0ALyAX0AwIBiwDQgGiANKAabA1IDUwGvAOCKQSgAFwAUABUADIAHAAQAAigBgAGMANAA1AB5AEMARAAmABPACkAFUALAAXAAvgBiADMAHMAQgAhoBEAESAKMAUoAsQBbgDCAGUANEAaoA2QB3wD7AP0AiwBGACOAEpAKCAUMAq4BWwC5gF5ANoAbgA9ACHQEXgJEATYAnYBQ4CmgFbALFAWwAuABcgC7QF5gMNAYeAxgBkQDJAGTgMuAZyAzwBn0DSANJgawBrIDYwAAA.YAAAAAAAAAAA&ct=4
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 25 Apr 2021 23:59:34 GMT
via: 1.1 google
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-31997-1&cid=1527306430.1619395174&jid=1320808173&_u=aGBAgUAjAAQCAE~&z=1940117141

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 35ms
16ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-31997-1&cid=1527306430.1619395174&jid=1320808173&_u=aGBAgUAjAAQCAE~&z=1940117141

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 604b9ee038d06931f218aaca.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady5114434 Show response
player.cnevids.com/script/video/ 68 KB
22 KB 133ms
133ms Script
text/javascript 13.32.21.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/script/video/604b9ee038d06931f218aaca.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady5114434

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-e7aebfbfda.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-36.fra56.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

4883cddba3aafc46864c8933b35c095e3a5b31a231b2894089f4cb7447ee93be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Miss from cloudfront
Status: 200 OK
Connection: keep-alive
Content-Length: 22144
X-XSS-Protection: 1; mode=block
X-Request-Id: bf1ee811-edf2-4b21-ac50-47b1247494cc
X-Runtime: 0.005588
X-Backend-Node: 10.110.73.144
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"dba8e7630bf84de43083edb01423f43e"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)
Cache-Control: max-age=0, private, must-revalidate
X-Amz-Cf-Id: kU64dUy3n8NHDMbG4CYPzdYw-w_G-Ic14fK4j8QochPhwx5cM4h8eA==

GET
H/1.1 200
OK arstechnica_sitrep-boeing-707.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1615574323/ 12 KB
12 KB 113ms
33ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1615574323/arstechnica_sitrep-boeing-707.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

571479d52cd675db5573fe46973c62cba6d8224a76136fcefeb90f7dc42a6391

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Apr 2021 01:11:39 GMT
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 1205274
X-Cache: Hit from cloudfront
Server-Timing: fastly;dur=200;cpu=0;start=2021-04-12T01:11:38.954Z;desc=miss,rtt;dur=5,cloudinary;dur=110;start=2021-04-12T01:11:39.003Z
Content-Length: 11899
Last-Modified: Tue, 16 Mar 2021 23:00:54 GMT
Server: Cloudinary
Cache-Control: public, no-transform, immutable, max-age=2592000
ETag: "49fd6cf75b5acbe4ea95126496406585"
Strict-Transport-Security: max-age=604800
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: ZY1dLx3MKv9XDgmVPUDBhgsS7gv-BFX4jV82VHWqU1VUAjPhatOHKg==

GET
H/1.1 200
OK arstechnica_steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1611089409/ 16 KB
17 KB 115ms
35ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1611089409/arstechnica_steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

06b33c040105224101afcdaacd82b6dfb3ea1bf9ef3d7478cf5fa163a0ad65e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 222
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;start=2021-04-25T00:27:26.718Z;desc=hit,rtt;dur=1
Content-Length: 16317
Last-Modified: Fri, 22 Jan 2021 06:42:21 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "4796345150de82db7572da4e13d5fbc1"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: oPaIQiBN_BAavLJuMpUK8ZmAf-dhYijnJ5eVPlDm-y6DQprj2fMdBQ==

GET
H/1.1 200
OK arstechnica_modern-vintage-gamer-reacts-to-his-top-1000-comments-on-youtube.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1607984287/ 14 KB
15 KB 142ms
29ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1607984287/arstechnica_modern-vintage-gamer-reacts-to-his-top-1000-comments-on-youtube.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

de5e37739b5797e8ba9dba4a2dcb65f37c36a65fe839cb306162e21c74ba166e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 287
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-24T03:41:43.039Z;desc=hit,rtt;dur=2
Content-Length: 14171
Last-Modified: Tue, 15 Dec 2020 23:57:35 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "7f2bf661d68cedfcf91542c6e1dab7c6"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: rmoG0PN_5s10KInvlpwnQRV5OSxU3FacykcMUqmq5XBRUspgBZJIGA==

GET
H/1.1 200
OK arstechnica_war-stories-gail-tilden.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603899385/ 15 KB
16 KB 144ms
29ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603899385/arstechnica_war-stories-gail-tilden.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

7d91c04c657709af03f6dad61d375c3208d18ab5ff7851c2472007dc05201342

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 287
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-25T00:30:22.294Z;desc=hit,rtt;dur=1
Content-Length: 15071
Last-Modified: Fri, 30 Oct 2020 04:37:01 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "1f4aa6187c59e6ed79d0c3a2a0bc19d9"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: ZbhpHqyEYMzJOA8fjbXXO6UuVRzeVm00OHIux6tIMkJlRhLDlvZe0g==

GET
H/1.1 200
OK arstechnica_personal-history-scott-manley.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603123470/ 14 KB
15 KB 187ms
39ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603123470/arstechnica_personal-history-scott-manley.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1f466b08649eef5ad16c20f6d7207bf8818cb107b6241950dbc568cdffc03d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:59:34 GMT
Server-Timing: fastly;dur=1;start=2021-04-25T00:50:40.658Z;desc=hit,rtt;dur=6
Content-Length: 14113
Last-Modified: Tue, 20 Oct 2020 20:00:45 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "963bf0b22c745f95a06f32ee1317b872"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: y8cYoI_z5tgdhn8HhuIkBqg9djDYqUnljkc-kKLlaipSopk-nIr6iw==

GET
H/1.1 200
OK arstechnica_scare-tactics-thomas-grip.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1602524702/ 15 KB
16 KB 180ms
29ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1602524702/arstechnica_scare-tactics-thomas-grip.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

617e0f9fee7ef0ca891735246b4b5a61caa3622db4a4256685b061c9f43bd053

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 288
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=0;start=2021-04-24T04:49:20.452Z;desc=hit,rtt;dur=6
Content-Length: 15079
Last-Modified: Tue, 13 Oct 2020 18:09:01 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "d57f99149a48173e30de572cfa48ed93"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 8sg-eZ0BRAEJxdE2_ll4iFhsflf8o5wSuvMTYnTxwaiArh3SquYEDw==

GET
H/1.1 200
OK arstechnica_personal-history-lgr.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1600711530/ 14 KB
15 KB 111ms
36ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1600711530/arstechnica_personal-history-lgr.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

29637e0647104ccc5d5583e652db29ce99e947c858c3d9502960e7ea7f1aea19

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 224
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-24T08:19:14.082Z;desc=hit,rtt;dur=1
Content-Length: 14772
Last-Modified: Mon, 21 Sep 2020 20:59:56 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "4049b10cd3281951b01beb4f36134234"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: nCMl9eX5latt7vL-vlVYtIFSUa9oyDZZRO73A6zQd1ksn99wIQondQ==

GET
H/1.1 200
OK arstechnica_the-f-35-s-next-tech-upgrade.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1598890591/ 3 KB
4 KB 105ms
30ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1598890591/arstechnica_the-f-35-s-next-tech-upgrade.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

3b0209841325362235c221628e471145726897e4e1c9b210b6e6b2217fdf2ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 27 Mar 2021 23:25:22 GMT
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 2507652
X-Cache: Hit from cloudfront
Server-Timing: fastly;dur=1;cpu=0;start=2021-03-27T23:25:22.104Z;desc=hit,rtt;dur=3
Content-Length: 3374
Last-Modified: Mon, 31 Aug 2020 23:24:32 GMT
Server: Cloudinary
Cache-Control: public, no-transform, immutable, max-age=2592000
ETag: "3f16924a1fdff64e971a0491115fc147"
Strict-Transport-Security: max-age=604800
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: nWIK5ImYwFdMJtSSOC3tgFBBKlZg-mEuNwaHjcYGPR583NreX8WIfg==

GET
H/1.1 200
OK arstechnica_war-stories-diablo.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1597686086/ 14 KB
15 KB 108ms
36ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1597686086/arstechnica_war-stories-diablo.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

aa3b9513abbbf65a2c8483122648fce1b39b1afa2a69bdf863242f1411baba58

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 288
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-24T03:41:43.192Z;desc=hit,rtt;dur=0
Content-Length: 14667
Last-Modified: Tue, 18 Aug 2020 22:01:18 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "d4de63ae8b9ef5b77ad58eaae97d7d02"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: TtzNsVG9ya6XZh0kZ0GsKrQoT8nKWcucnQRa2SrU9e-EnuqCx4fJJA==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-mortal-kombat.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1596476950/ 11 KB
12 KB 107ms
33ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1596476950/arstechnica_unsolved-mysteries-unsolved-mysteries-mortal-kombat.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

0b5c6a8d4a856db56da956eced8af9a5eb6e0a89dc67de5ffc4c83513472a3cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 288
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-25T00:47:37.814Z;desc=hit,rtt;dur=1
Content-Length: 11486
Last-Modified: Tue, 04 Aug 2020 15:57:19 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "7a8a596aae95c9a900261808554523e6"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: QJe9ASBCCTiIl6wGdQ5Yy9nscubZ-W_FDiq1dLnQKOFKP98tenykUg==

GET
H/1.1 200
OK arstechnica_us-navy-gets-an-italian-accent.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1595427354/ 6 KB
7 KB 99ms
29ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1595427354/arstechnica_us-navy-gets-an-italian-accent.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

85db95dbe15c810a710ca6d9094a2a29f2eeea05791cc7aaab7af8939684b978

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 12:31:20 GMT
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 1078094
X-Cache: Hit from cloudfront
Server-Timing: fastly;dur=2;cpu=0;start=2021-04-13T12:31:20.028Z;desc=hit,rtt;dur=5
Content-Length: 6124
Last-Modified: Wed, 22 Jul 2020 17:29:08 GMT
Server: Cloudinary
Cache-Control: public, no-transform, immutable, max-age=2592000
ETag: "51113bf4443c0cf453d0e8bf60489ac7"
Strict-Transport-Security: max-age=604800
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 02tHNqL0f9Ao87OSMRkTfOVk1KXAvWAilD-VpUbE7JthfaC6pABIzQ==

GET
H/1.1 200
OK arstechnica_war-stories-war-stories-undone-w-slash-hisko-hulsing.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1594656439/ 10 KB
11 KB 99ms
29ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1594656439/arstechnica_war-stories-war-stories-undone-w-slash-hisko-hulsing.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

e74b9cb9d8871d300d2a1d36ce2cd00dfbfe0c5d8066d1d415c4ce620a919d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 199
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;start=2021-04-25T04:08:43.768Z;desc=hit,rtt;dur=10
Content-Length: 10345
Last-Modified: Tue, 14 Jul 2020 16:10:31 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "60622b64688dbb49917234d4091856fb"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: Q_I8uhsFqBEIkheW2KEEGCkRAnV74WRpW1vIXBD43f4bfKde0-LLlA==

GET
H/1.1 200
OK arstechnica_fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1593453234/ 15 KB
16 KB 108ms
39ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1593453234/arstechnica_fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

9431bc6d1a6d036a70c92dfc9000d7965f939671a59705bdd01c3e652048ed9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:36:37 GMT
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 2330577
X-Cache: Hit from cloudfront
Server-Timing: fastly;dur=1;cpu=0;start=2021-03-30T00:36:37.390Z;desc=hit,rtt;dur=5
Content-Length: 15307
Last-Modified: Tue, 30 Jun 2020 16:17:42 GMT
Server: Cloudinary
Cache-Control: public, no-transform, immutable, max-age=2592000
ETag: "324e15e8b7d3edd23ffbf5df0a1a9e77"
Strict-Transport-Security: max-age=604800
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: AQmGtmHUkPrl02iFinowpZk_uNEvlDX1OaTqJEUeGQFDRX5n6UBc5Q==

GET
H/1.1 200
OK arstechnica_war-stories-war-stories-nba-jam.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1592315288/ 14 KB
15 KB 104ms
36ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1592315288/arstechnica_war-stories-war-stories-nba-jam.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

5be5b0170ad4bbd2be91182d137933e7de9c7e86b09ec855a4bac015ebfd746f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 199
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-24T03:41:43.262Z;desc=hit,rtt;dur=1
Content-Length: 14149
Last-Modified: Tue, 16 Jun 2020 16:24:59 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "bd63326fa81d10df9e2da1245d3c122c"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: iRfScYxoY1wo-9qpZ6Qc-JRLz88FeCFMoJ3WoM4jBDZVvJFzelYkaA==

GET
H/1.1 200
OK arstechnica_linus-tech-tips-reacts-to-his-top-1000-youtube-comments.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1591804041/ 9 KB
10 KB 107ms
35ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1591804041/arstechnica_linus-tech-tips-reacts-to-his-top-1000-youtube-comments.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

e8830a414dfeb4c0e0f519d3419f69849df9226f329357c938333dbf2c956f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:59:34 GMT
Server-Timing: fastly;dur=1;start=2021-04-25T01:09:07.058Z;desc=hit,rtt;dur=2
Content-Length: 9054
Last-Modified: Fri, 12 Jun 2020 00:52:29 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "b17d3aab70cb56fbf2df892c8415ab16"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: oh2emff1H9I234ChbnfZzcAeVPykGG0MEN_w5GoTFlEgnS6E228WiQ==

GET
H/1.1 200
OK arstechnica_war-stories-how-alan-wake-was-rebuilt-3-years-into-development.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1589408118/ 11 KB
11 KB 104ms
33ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1589408118/arstechnica_war-stories-how-alan-wake-was-rebuilt-3-years-into-development.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

3f2cf5f857c617761a251ceef8f6ed452a7690e21f16eff0a70dddf9beea8633

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 199
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-25T01:16:33.316Z;desc=hit,rtt;dur=2
Content-Length: 10817
Last-Modified: Fri, 15 May 2020 23:19:35 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "9417ada34c9b6b07ccd41a463b717969"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: wyJKBvwB-wAYV0x4HHjAS4al3SiSONEa-JOnzw7u-LNf5Gb2hekrdQ==

GET
H/1.1 200
OK arstechnica_war-stories-prince-of-persia.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1584454477/ 15 KB
16 KB 103ms
29ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1584454477/arstechnica_war-stories-prince-of-persia.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

56f8838a24cb0cc47dc34a19d6b84d6ce8bf8086b1682bbb990abc13b1e2da65

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 199
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-15T03:31:47.539Z;desc=hit,rtt;dur=0
Content-Length: 15682
Last-Modified: Wed, 18 Mar 2020 01:43:41 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "e9cccef2a4a4cf217be0ba162f6b4296"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: oIcAg9MZtjOETDoEKsZFjbf4TzUZ3s6m1lfAxoy6eJTfOXki9jXg2g==

GET
H/1.1 200
OK arstechnica_war-stories-how-crash-bandicoot-hacked-the-playstation-to-run.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582755533/ 17 KB
18 KB 108ms
37ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582755533/arstechnica_war-stories-how-crash-bandicoot-hacked-the-playstation-to-run.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

46a9ddb1f206a46900872e0a832750ae06925528f81883a3d3517fdb42aefb6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 199
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;start=2021-04-25T00:50:40.758Z;desc=hit,rtt;dur=0
Content-Length: 17475
Last-Modified: Thu, 27 Feb 2020 18:16:40 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "7588b83c6eb2a1165344abad7e12e715"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: DFB_o-xUH6JW5GyHXJYVM0maxQ_k57sDgPnMTKLLXoyxBwPyaNSUHw==

GET
H/1.1 200
OK arstechnica_war-stories-myst.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1580223113/ 13 KB
14 KB 106ms
34ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1580223113/arstechnica_war-stories-myst.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1bf55bc00dbf13180884211c3d301729e67b81f3456225c1fbf97d271d636509

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 199
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;start=2021-04-24T03:41:43.462Z;desc=hit,rtt;dur=1
Content-Length: 13522
Last-Modified: Wed, 29 Jan 2020 20:33:36 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "ed8c6a9aa19e7d5c7aa46a3aead23a87"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: vEahHpzbq3aRBIfJ0w9ZQ75Cl_jj3eJE2dyqbNROurYsQD0CgG-O7w==

GET
H/1.1 200
OK arstechnica_markiplier-reacts-to-his-top-1000-youtube-comments.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1579194313/ 9 KB
9 KB 106ms
33ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1579194313/arstechnica_markiplier-reacts-to-his-top-1000-youtube-comments.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

e336ff50623cff960c2396944be4392139f63dcc032e5f3428d81489fdfe697a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 199
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-15T03:31:47.581Z;desc=hit,rtt;dur=0
Content-Length: 8832
Last-Modified: Tue, 21 Jan 2020 16:11:08 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "2bad386c14ac040d530ceb2ae89c8bbb"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: Oit-eTpcd4_oUDucM04LRcZ1ygRm-2rF6O1LqXBcCxkZsbQpmBPN8g==

GET
H/1.1 200
OK arstechnica_war-stories-war-stories-oddworld.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582815531/ 12 KB
13 KB 107ms
34ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582815531/arstechnica_war-stories-war-stories-oddworld.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1097abb6f0992cccc79428374463e7f23b99dae5eb85d7317b20bd57c96031bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 199
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-15T04:10:26.814Z;desc=hit,rtt;dur=6
Content-Length: 12614
Last-Modified: Thu, 27 Feb 2020 15:06:28 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "4a7903cbe66890b5688d843661943ccd"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: PrVpP-aC3-VqRv6NiLNYEP7nXvIqFL0e6WwvU97WjIwxFxLWNkBH5A==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-bioware-answers-unsolved-mysteries-of-the-mass-effect-universe.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1573140819/ 11 KB
12 KB 101ms
29ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1573140819/arstechnica_unsolved-mysteries-bioware-answers-unsolved-mysteries-of-the-mass-effect-universe.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

de24551bd4396fc8579b2d87ce01944553dd48fb52775d14373725a50efa0c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 199
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-25T01:05:06.031Z;desc=hit,rtt;dur=6
Content-Length: 11417
Last-Modified: Fri, 08 Nov 2019 14:35:23 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "3e8509d06c6610d54babcac0d91e5d93"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: oHt8dvXZO_bPFIBIiupfp_eEB5NYYBd0gVZxTtwmv8GW0I1kttQN6g==

GET
H/1.1 200
OK arstechnica_war-stories-civilization.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1569003425/ 16 KB
17 KB 108ms
37ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1569003425/arstechnica_war-stories-civilization.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1c7dcc8216c6f82da2998ceeac2523632c7f9bffe510824b6d082621201f2012

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 199
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;start=2021-04-15T03:31:47.595Z;desc=hit,rtt;dur=0
Content-Length: 16236
Last-Modified: Mon, 23 Sep 2019 11:27:54 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "72002610618f7bf8bf0e52c760e39897"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: StXd6bjtHzf08hMMdKOYW7ZSepsq7GODeavufwruv3tcoaXjEFSZiw==

GET
H/1.1 200
OK arstechnica_sitrep-dod-resets-ballistic-missile-interceptor-program.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1568662260/ 11 KB
11 KB 102ms
33ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1568662260/arstechnica_sitrep-dod-resets-ballistic-missile-interceptor-program.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

7fc88c65d46e83b3f3e9f098f05fd639480332fc3718cd714725e2e4633af4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 17:48:52 GMT
Via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 2441442
X-Cache: Hit from cloudfront
Server-Timing: fastly;dur=1;cpu=0;start=2021-03-28T17:48:52.022Z;desc=hit,rtt;dur=1
Content-Length: 10793
Last-Modified: Tue, 17 Sep 2019 19:55:15 GMT
Server: Cloudinary
Cache-Control: public, no-transform, immutable, max-age=2592000
ETag: "0e1ff58ccf6d97759de3d774a7ff835a"
Strict-Transport-Security: max-age=604800
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: xC8DJEUmdqNIhxomstiCtEqIbMEQhoKgwAxvyH_0GnwbAeTGTYKGHQ==

GET
H/1.1 200
OK arstechnica_warframe-reviews.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1561556730/ 14 KB
15 KB 104ms
34ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1561556730/arstechnica_warframe-reviews.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

83a366075eb2387c6d9f848f42b08df0546027333eccf5813edf95ba45709be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 199
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;start=2021-04-24T03:41:43.812Z;desc=hit,rtt;dur=0
Content-Length: 14837
Last-Modified: Thu, 27 Jun 2019 19:34:59 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "1d90d6aef7585f963e1270a1a02a4dd4"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: JAqNecu1WRUv7fHintY26JzMcw3wbX0DksWtCARfeKY4sOfB08l1PQ==

GET
H/1.1 200
OK arstechnica_war-stories-subnautica.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1559747425/ 15 KB
16 KB 101ms
29ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1559747425/arstechnica_war-stories-subnautica.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

20660a9ef7ec454c15b2dc62b3db084e0cc9f74c5bb6de71a96fb1a54aef00f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 199
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-24T03:41:43.821Z;desc=hit,rtt;dur=1
Content-Length: 15222
Last-Modified: Wed, 05 Jun 2019 17:40:02 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "8c45b6c645caba59f4b14d3fbdc09062"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: hsRvwFvrfXVPyFIrO5VNPDaS9ufY8AzKqOcuCQTtIEfDawGbtgcQpA==

GET
H/1.1 200
OK arstechnica_war-stories-slay-the-spire-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1556741487/ 15 KB
16 KB 105ms
36ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1556741487/arstechnica_war-stories-slay-the-spire-war-stories.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

f9d9e96c4439beeca49a1a10f9dffe6f5cd0b604d13aa13af170d0bc62d8ca1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 199
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-15T04:10:14.046Z;desc=hit,rtt;dur=2
Content-Length: 15634
Last-Modified: Thu, 02 May 2019 18:45:52 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "abee90e53f29ba0127fca9442ab50902"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: vaJyUdXUghS8C4wEPn7MUaPbrqq4K2dNDvY27Xay8nc0A8CYslPvIw==

GET
H/1.1 200
OK arstechnica_war-stories-amnesia-the-dark-descent-the-horror-facade.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1555359865/ 15 KB
16 KB 108ms
35ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1555359865/arstechnica_war-stories-amnesia-the-dark-descent-the-horror-facade.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1defb6bc54a7ee9c066136908360e8455c23ee9ad0dec9924e7255d7948cd4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 199
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;start=2021-04-25T00:50:40.843Z;desc=hit,rtt;dur=1
Content-Length: 15251
Last-Modified: Tue, 16 Apr 2019 18:59:19 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "3e7cdc13e718680bf5e1efa64468b560"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: plLovUyK1_9cnAmsh79yYmWgjFSSsQPNeV_YGwSH4w6snRzUH9ePlg==

GET
H/1.1 200
OK arstechnica_war-stories-c-and-c-tiberian-sun.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1551193450/ 19 KB
19 KB 108ms
36ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1551193450/arstechnica_war-stories-c-and-c-tiberian-sun.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

27348ba4b98bd80f1038496ec5dea6ad865680540058fb085b8ca199b8aaf4c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 199
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-24T03:41:43.954Z;desc=hit,rtt;dur=0
Content-Length: 19022
Last-Modified: Wed, 27 Feb 2019 16:48:24 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "fe52b9acd391d8bee8de15a0f429b377"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: iNboHKgw1CAMC-RS38co_khopVRjYlGzFgUvrtQPzIvUhRzXPRWB0w==

GET
H/1.1 200
OK arstechnica_war-stories-blade-runner-skinjobs-voxels-and-future-noir.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550244434/ 18 KB
19 KB 102ms
30ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550244434/arstechnica_war-stories-blade-runner-skinjobs-voxels-and-future-noir.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

8b72952d3fd656ee6594f0d9735d928113ad1d590705b14f77abf75f1d4d5d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 199
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-25T01:05:12.264Z;desc=hit,rtt;dur=8
Content-Length: 18172
Last-Modified: Fri, 15 Feb 2019 15:34:33 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "32f1b8954559c8d598e9861f5b8360b9"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 9PAei5njAzFjd67216Jp0UmoI5cjvnfZPKeDsxebFehZJSa3p0pQqw==

GET
H/1.1 200
OK arstechnica_war-stories-dead-space-the-drag-tentacle.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1546889545/ 7 KB
8 KB 104ms
28ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1546889545/arstechnica_war-stories-dead-space-the-drag-tentacle.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

9933997608e86beaf1e7f7188a5c657cdad8ccd9d20eb7b1a46adaa83fa850ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 19:31:38 GMT
Via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 2435276
X-Cache: Hit from cloudfront
Server-Timing: fastly;dur=2;cpu=1;start=2021-03-28T19:31:38.813Z;desc=hit,rtt;dur=3
Content-Length: 7393
Last-Modified: Tue, 08 Jan 2019 16:38:58 GMT
Server: Cloudinary
Cache-Control: public, no-transform, immutable, max-age=2592000
ETag: "17a6e4b5eb75eb12f5d8c89eb3d0ace8"
Strict-Transport-Security: max-age=604800
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: uVwCqN4omucELKyZlA44u13XX61is11nB_7iJqTc56sMSwVRo02AKw==

GET
H/1.1 200
OK arstechnica_teach-the-controversy-flat-earthers.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1541592304/ 10 KB
11 KB 103ms
29ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1541592304/arstechnica_teach-the-controversy-flat-earthers.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

7364fcbb6c5d775f07816712af8a6419db99268f72c337a4977f706dc3423bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 117
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-24T08:20:16.416Z;desc=hit,rtt;dur=1
Content-Length: 10595
Last-Modified: Fri, 09 Nov 2018 14:44:53 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "6c0c4f8a9d61ed2b5863a8058c624a37"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: HrRsPZhyu-3KWfBKS9tc3ILXftt8a31Bp9v6B9RjY5lyLJEpkVLnFA==

GET
H/1.1 200
OK arstechnica_delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-get-s-a-crucial-green-light.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1537406983/ 12 KB
13 KB 100ms
29ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1537406983/arstechnica_delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-get-s-a-crucial-green-light.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

16f86804dd013db340fee4020a539d3e9d6e5a03d6841e431e50c428e99c26e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 203
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-24T08:20:16.457Z;desc=hit,rtt;dur=1
Content-Length: 12509
Last-Modified: Fri, 21 Sep 2018 16:51:30 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "b9c502ffc902b60d0eb13698b37a945d"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: vmKcvlWwCnHRd6X_kycUZ0cSnAeSOh4mS8zS038NzcUS6mqBooERRQ==

GET
H/1.1 200
OK arstechnica_chris-hadfield-explains-his-space-oddity-video.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1522031130/ 7 KB
8 KB 102ms
29ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1522031130/arstechnica_chris-hadfield-explains-his-space-oddity-video.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

3ce7e824185893264ab44fbf8370a8f1262831c4c6c367b15f7d4f1e88fadc8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 1022083
X-Cache: Hit from cloudfront
Date: Wed, 14 Apr 2021 04:04:51 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-03-15T04:04:23.383Z;desc=hit,rtt;dur=0
Content-Length: 7181
Last-Modified: Fri, 06 Jul 2018 12:23:22 GMT
Server: Cloudinary
Cache-Control: public, no-transform, immutable, max-age=2592000
ETag: "0549828edcecd339d8d10ebe6119de70"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: J4nUnvplg_GBUXbGeAL7As-nfyTg1yJ8Nj0Aedi-On8Y2dW4WJZKow==

GET
H/1.1 200
OK arstechnica_apollo-mission-episode-1.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1512424612/ 14 KB
15 KB 96ms
29ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1512424612/arstechnica_apollo-mission-episode-1.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

82cd1a97f81e5b63a621311be2993916eea0907b5eadd53bb6b280f4bb0f8391

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 199
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-24T04:42:23.524Z;desc=hit,rtt;dur=11
Content-Length: 14040
Last-Modified: Tue, 05 Dec 2017 01:52:25 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "ecc047c6eed3dc571a78eab647201220"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: MEt7i2d9AgjPB5MXL3W9IGjR8_j5ITy9SAKlTeIjYy_W8e1UES5Buw==

GET
H/1.1 200
OK arstechnica_richard-garriot-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1513807048/ 14 KB
14 KB 96ms
29ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1513807048/arstechnica_richard-garriot-war-stories.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

4980853759711c8e9e2779239acd62e9e802fba38371763c65ecdd016a83fdbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 199
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:37 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-15T03:31:47.698Z;desc=hit,rtt;dur=0
Content-Length: 13885
Last-Modified: Fri, 06 Jul 2018 19:56:42 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "13d45a1733ad4d2f3ae707584d6a8a32"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: HRLhzE2aTLDyEl4AFYn7H3GDdR1UKaR67LHSbRTs-9mL-8jmTI0S9Q==

GET
DATA 200
OK truncated
/ 408 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c21029f21dc145723d40362da85504ee5a5bd33f5db6636beae3a01c7aba1fa2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 330 B
1 KB 83ms
83ms XHR
application/json 213.19.162.51
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552988&size_id=15&alt_size_ids=10&us_privacy=1---&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&tg_i.cnt_tags=exploits%2Cmicrosoft-3%2Coffice%2Cvulnerabilities%2Cword%2Czeroday&tk_flint=pbjs_lite_v4.32.0&x_source.tid=76511d5f-2366-4708-ba2b-00cb4402782e&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&slots=1&rand=0.6844557291708764
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 85de7ae21bb108e964340f53357c9c8bfd55574e86d357f93beb02f5dce2b967

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 23:59:33 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 330
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 330 B
1 KB 148ms
125ms XHR
application/json 213.19.162.51
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552990&size_id=15&alt_size_ids=10&us_privacy=1---&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&tg_i.cnt_tags=exploits%2Cmicrosoft-3%2Coffice%2Cvulnerabilities%2Cword%2Czeroday&tk_flint=pbjs_lite_v4.32.0&x_source.tid=76511d5f-2366-4708-ba2b-00cb4402782e&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&slots=1&rand=0.952662663476475
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 14b4f14e4aed5549be95ab27287bc656b288585c5bfc94ce4b951641065dd907

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 23:59:33 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 330
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 7 KB
5 KB 148ms
148ms XHR
application/json 184.25.115.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=375865&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22345a6eef990de66%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.32.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2235b21f747b8bec5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22375865%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223605bf39db9dac5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22375864%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-31.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2cca5aba163acaf2c1f9d5d6165b374b89ca4972abe3038de2a4435b09107d6b

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:34 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[FR], RC:[IDF], CN:[EU], CIP:[185.128.25.236], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://arstechnica.com
x-cs-client-geo: 28
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 4328
x-ak-client-geo: 28
expires: Sun, 25 Apr 2021 23:59:34 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 260 B
1 KB 144ms
100ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d99b3cb5cb997306b644cb1ef372fe0fd4fd22b60bcf1a312f601f9b29ab661c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 23:59:33 GMT
X-Proxy-Origin: 185.128.25.236; 185.128.25.236; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.50:80
AN-X-Request-Uuid: cfdbb3a1-bd69-4298-860f-752aac2f130c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 260
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
475 B 249ms
121ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a969ce00175757040bb70c50db8002f&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: a9b7fc17e65f84271549f982bba3f9b45dce62d5c797a4a555f05856caa15940

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 25 Apr 2021 23:59:34 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://arstechnica.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
475 B 246ms
111ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a9691380175757044fd70c50ec60030&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: eef1362e2dc6989ccf5c85a67be44a172b70cbbe74adc2da78bfc68e991c3070

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 25 Apr 2021 23:59:34 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://arstechnica.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H2 200 arj Show response
condenastus-d.openx.net/w/1.0/ 188 B
570 B 913ms
30ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://condenastus-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=76511d5f-2366-4708-ba2b-00cb4402782e%2C76511d5f-2366-4708-ba2b-00cb4402782e&nocache=1619395173869&us_privacy=1---&aus=300x250%2C300x600%7C300x250%2C300x600&divIds=rail_300x250_300x600%2Crail_300x250_300x600&auid=541000589%2C541000592&aumfs=50%2C50
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 3b3d0b79fe69813370f33c2ea260ff0d1ba2e20243f7708dc1a272f31c46e680

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:34 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://arstechnica.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 174
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
804 B 75ms
74ms XHR
application/json 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU65UN7R
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0b007dbfcccea179fcd6c00d14ee5b1073ec43ce1be762263991b46a8341529a

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:33 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json;charset=ISO-8859-1
access-control-allow-origin: https://arstechnica.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 576
expires: Sun, 25 Apr 2021 23:59:33 GMT

GET
H/1.1 200
OK 5afc7010841c4b6e41000001.js Show response
player.cnevids.com/script/video/ 68 KB
22 KB 230ms
136ms Script
text/javascript 13.32.21.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/script/video/5afc7010841c4b6e41000001.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_c6023900-b922-49b4-8cb0-792b146a01d4_similar2-3&recStrategy=similar2_3&showPlaylistBar=false

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/interlude/arstechnica.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-36.fra56.r.cloudfront.net

Software

nginx/1.16.1 /

Resource Hash

4883cddba3aafc46864c8933b35c095e3a5b31a231b2894089f4cb7447ee93be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: FRA56-C2
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Status: 200 OK
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: a4f97a8c-1aa2-42d8-b9a8-0b346e8203d9
X-Runtime: 0.005216
X-Backend-Node: 10.110.27.36
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.16.1
ETag: W/"8e4b964a1da4d840fd055cfcaca903d7"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)
Cache-Control: max-age=0, private, must-revalidate
X-Amz-Cf-Id: 3AWVRs4bebWmD74nZmhZbT5a6BMVwwN-x8CGiU9m6_cx-Ydx5Z7WUA==

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame B10C 416 B
799 B 34ms
33ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?_=1619395173161
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://arstechnica.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1619368578.003118"
last-modified: Sun, 25 Apr 2021 16:11:48 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Sun, 25 Apr 2021 23:59:33 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1619395173~rv=89~id=c57fc4356ccee147f42d11b6becdbdc8; path=/; Expires=Sun, 25 Apr 2021 23:59:33 GMT; Secure; SameSite=None

GET
H/1.1 200
OK YXJzdGVjaG5pY2EuY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
463 B 352ms
33ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/YXJzdGVjaG5pY2EuY29t
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?_=1619395173161
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:34 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=9643
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 6a9d76c31a39cb390d04f8a7774018d8
Content-Length: 16
Expires: Mon, 26 Apr 2021 02:40:17 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
452 B 35ms
33ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=3.881272962272552
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:33 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Tue, 25 May 2021 23:59:33 GMT

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame B10C 610 B
993 B 33ms
33ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/test.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: thirdparty=yes
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1619368578.818636"
last-modified: Sun, 25 Apr 2021 16:11:48 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=345600
date: Sun, 25 Apr 2021 23:59:33 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1619395173~rv=89~id=c57fc4356ccee147f42d11b6becdbdc8; path=/; Expires=Sun, 25 Apr 2021 23:59:33 GMT; Secure; SameSite=None

GET
H2 200 sync.js Show response
sync.getpublica.com/ 12 KB
5 KB 3255ms
74ms Script
application/javascript 13.33.139.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.getpublica.com/sync.js
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/604b9ee038d06931f218aaca.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady5114434
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-102.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d290c638452275aa7dc8ab809884a3ff1bdcb91bc5c659bd250e9c1e062cc72c

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 16:36:13 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 05:02:28 GMT
server: AmazonS3
age: 1409005
etag: W/"57f96c63a498b1c3dc1a3c5ff601974b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 360e1220d10dac057f451e8ec0e907f6.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: QYYWHreqUsRNySpV6yFoiCra7OJyNg6RJc251cOYXW-Y9KbLjX2C5A==

GET
H/1.1 200
OK embed-api.json Show response
player.cnevids.com/ 10 KB
4 KB 333ms
132ms Fetch
application/json 13.32.21.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/embed-api.json?videoId=5afc7010841c4b6e41000001&playerType=interlude&embedLocation=arstechnica

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/604b9ee038d06931f218aaca.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady5114434

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-36.fra56.r.cloudfront.net

Software

nginx/1.14.1 /

Resource Hash

b9d30b01e0a45378b7f21ff5454038373f1783824b9978c2c1adff665b758a13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Miss from cloudfront
Status: 200 OK
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 3424
X-XSS-Protection: 1; mode=block
X-Request-Id: a90e733c-4a50-46db-b4e7-2b0f0b2222c5
X-Runtime: 0.008483
X-Backend-Node: 10.110.73.64
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.14.1
ETag: W/"e30f0e2e64b502323078820e1f6f7106"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: KzRiO8rzpcGe_EsedYaHIbO-BVOtMmhRd4OkrOdwPunGgJNg1ZUo-g==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame E294 334 KB
115 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/604b9ee038d06931f218aaca.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady5114434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Sun, 25 Apr 2021 23:59:34 GMT

GET
H3-29 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ 73 KB
26 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/604b9ee038d06931f218aaca.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady5114434

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17a5258bbef812094b4a85b596b96aebe76c5598d41703ada6e20fef2b943a69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 616
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27011
x-xss-protection: 0
expires: Mon, 26 Apr 2021 00:04:18 GMT

GET
H/1.1 200
OK player-style-abb0de6918fca8264be7b7adba283776.css
d2c8v52ll5s99u.cloudfront.net/player/ Frame E294 74 KB
12 KB 1104ms
32ms Stylesheet
text/css 13.225.84.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-abb0de6918fca8264be7b7adba283776.css
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/604b9ee038d06931f218aaca.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady5114434
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-169.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7401eddcf89110f15c8ae1dbc8bb7c246c19ea1d5ddb8316635b8e0863a812f2

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Feb 2021 02:38:17 GMT
Content-Encoding: gzip
Age: 6643279
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 11497
Last-Modified: Mon, 14 Dec 2020 21:16:55 GMT
Server: AmazonS3
ETag: "7f12c01248e2e00b16fced6ad0766b0d"
Content-Type: text/css; charset=utf-8
Via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: a8akG06tHlEvPP9-oGpVCri-OBvO9kUW1rRdb5feJW8GGuc9H3Y9yQ==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1 200
OK main-3b69c14074aa2063b323.js Show response
d2c8v52ll5s99u.cloudfront.net/player/ Frame E294 924 KB
232 KB 1119ms
34ms Script
application/javascript 13.225.84.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/604b9ee038d06931f218aaca.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady5114434
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-169.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 257ba62cb20455a8ec546150210bf7ee08eb205362d5799404bdc0197913f242

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:27:47 GMT
Content-Encoding: gzip
Age: 372709
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 236768
Last-Modified: Wed, 21 Apr 2021 13:58:43 GMT
Server: AmazonS3
ETag: "2e217e557a659d69b5d8a3876f1c5344"
Content-Type: application/javascript
Via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: 6bVw-KFZMwS-N0iejUpTLkx6lV3S0wONVUzsQ4po_iLwBEW0EPzPhQ==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1 200
OK user Show response
4d.condenastdigital.com/ 67 B
463 B 162ms
118ms XHR
application/json 35.170.235.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://4d.condenastdigital.com/user?xid=47a4bb5d-117c-4fdb-a669-ed083338466f
Requested by: Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.235.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-235-46.compute-1.amazonaws.com
Software: /
Resource Hash: ea7c8bcb59df59164853dcaa9804018bb8a9c6568462d3aadbdbb4549b438242

Request headers

Accept: text/plain
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:34 GMT
content-encoding: gzip
transfer-encoding: chunked
Content-Type: application/json; charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
access-control-allow-credentials: true
Connection: keep-alive

GET
H/1.1 200
OK embed-api.json Show response
player.cnevids.com/ 10 KB
4 KB 325ms
132ms Fetch
application/json 13.32.21.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/embed-api.json?videoId=604b9ee038d06931f218aaca&embedLocation=arstechnica

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5afc7010841c4b6e41000001.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_c6023900-b922-49b4-8cb0-792b146a01d4_similar2-3&recStrategy=similar2_3&showPlaylistBar=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-36.fra56.r.cloudfront.net

Software

nginx/1.14.1 /

Resource Hash

81c8fee9f1cc303c4b87846d83eca2ff3e3fe86cdee76d1fbd9fefc672d97dfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Miss from cloudfront
Status: 200 OK
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 3347
X-XSS-Protection: 1; mode=block
X-Request-Id: bfb8170b-8de0-4310-b2b4-7775937d1926
X-Runtime: 0.007193
X-Backend-Node: 10.110.25.70
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.14.1
ETag: W/"3fccf3ac097a83ab1687ea6cb63bc788"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: QDXivSjOcG__b9xQJxYbttZy5bMl5fc-VYKKHPg1-drW5oph7XIK-w==

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 4E6F 334 KB
114 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Sun, 25 Apr 2021 23:59:34 GMT

GET
H/1.1 200
OK player-style-abb0de6918fca8264be7b7adba283776.css
d2c8v52ll5s99u.cloudfront.net/player/ Frame 4E6F 74 KB
12 KB 998ms
34ms Stylesheet
text/css 13.225.84.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-abb0de6918fca8264be7b7adba283776.css
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5afc7010841c4b6e41000001.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_c6023900-b922-49b4-8cb0-792b146a01d4_similar2-3&recStrategy=similar2_3&showPlaylistBar=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-169.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7401eddcf89110f15c8ae1dbc8bb7c246c19ea1d5ddb8316635b8e0863a812f2

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Feb 2021 02:38:17 GMT
Content-Encoding: gzip
Age: 6643279
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 11497
Last-Modified: Mon, 14 Dec 2020 21:16:55 GMT
Server: AmazonS3
ETag: "7f12c01248e2e00b16fced6ad0766b0d"
Content-Type: text/css; charset=utf-8
Via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: FDI3e2ABM3l-6kmdRoP8q0nLklt7VAopB0cMoaR81fxDxsMtrBK4RQ==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1 200
OK main-3b69c14074aa2063b323.js Show response
d2c8v52ll5s99u.cloudfront.net/player/ Frame 4E6F 924 KB
232 KB 1034ms
36ms Script
application/javascript 13.225.84.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5afc7010841c4b6e41000001.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_c6023900-b922-49b4-8cb0-792b146a01d4_similar2-3&recStrategy=similar2_3&showPlaylistBar=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-169.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 257ba62cb20455a8ec546150210bf7ee08eb205362d5799404bdc0197913f242

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 16:27:47 GMT
Content-Encoding: gzip
Age: 372709
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 236768
Last-Modified: Wed, 21 Apr 2021 13:58:43 GMT
Server: AmazonS3
ETag: "2e217e557a659d69b5d8a3876f1c5344"
Content-Type: application/javascript
Via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: SnNtinMh6L-ePtQ4zWlgsQHE2SU-lByxi5E6PngD0gTj2U6SyN7IeA==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 529ms
94ms XHR
application/json 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1619395174139&sessionId=d07486ee-8546-1fc6-7483-2dd6bca84a2a&url=arstechnica.com&cheqSource=1&cheqEvent=0&exitReason=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?_=1619395173161
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 23:59:34 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 5c892972ae1186acb38f273fc21290c9
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK track
capture.condenastdigital.com/ 48 B
48 B 98ms
98ms Image
image/gif 3.223.14.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_ts=2021-04-25T23%3A59%3A34.223Z&_t=pageview&cBr=Ars%20Technica&cKe=exploits%7Cmicrosoft%7Coffice%7Cvulnerabilities%7CWord%7Czeroday&cCh=information%20technology&cTi=Booby-trapped%20Word%20documents%20in%20the%20wild%20exploit%20critical%20Microsoft%200-day&cTy=article%7Creport&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134%2C%20ALLBRANDS_64%2C%20ALLBRANDS_57%2C%20ALLBRANDS_28%2C%20ALLBRANDS_244%2C%20ALLBRANDS_21%2C%20ALLBRANDS_192&cTpw=0.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.1858646133202932%2C%200.1858646133202932%2C%200.1858646133202932%2C%200.1858646133202932%2C%200.1858646133202932%2C%200.1858646133202932&cEnt=microsoft%2C%20page%20layout%2C%20zero-day%20attack%2C%20mcafee%2C%20malware%2C%20fireeye%2C%20html%20application%2C%20windows%20registry%2C%20dan%20goodin%2C%20e-mail%2C%20rich%20text%20format%2C%20utc%2C%20california%2C%20windows%2010%2C%20operating%20system%2C%20macro%2C%20people%2C%20cond%C3%A9%20nast%2C%20ars%20orbital%20transmission%2C%20black%20hat%20usa&cEnw=1%2C%200.6784015477110633%2C%200.6268754530888921%2C%200.6112050352517427%2C%200.5769415477213082%2C%200.5278673858966411%2C%200.4876640019841165%2C%200.4251233242626762%2C%200.4219554491828688%2C%200.4055303805005162%2C%200.4003259436441344%2C%200.391641659880906%2C%200.36639663721428006%2C%200.3631841362436009%2C%200.36076348914452483%2C%200.3556732396947552%2C%200.3498922968926395%2C%200.3410893830977022%2C%200.30540966836663985%2C%200.2996590443923909&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=749&cId=1074069&cPd=2017-04-08T20%3A00%3A41.000%2B00%3A00&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day&pRt=referral&pHp=%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pWw=1600&pWh=1200&pPw=1600&pPh=5400&pSw=1600&pSh=1200&uID=6b4bb62e-fad2-4bc1-b4e4-206e940eb385&sID=eaf4b48a-1691-41a8-89c8-b724a71460e3&pID=87f69aff-c8b4-4807-b9de-3ca04c84fcaf&uDt=desktop&_o=ars-technica&_c=general&xID=47a4bb5d-117c-4fdb-a669-ed083338466f&environment=prod&origin=ars-technica&cKh=microsoft%2Cvulnerability%2Cbooby-trapped%20word%20document%2Cpage%20layout%2Czero-day%20attack%2Cmcafee
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.14.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-14-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 23:59:34 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H2 200 get Show response
odb.outbrain.com/utils/ 44 KB
29 KB 351ms
291ms Script
text/x-json 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=http%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&srcUrl=http%3A%2F%2Ffeeds.arstechnica.com%2Farstechnica%2Findex%2F&idx=0&rand=44830&key=NANOWDGT01&widgetJSId=JS_1&va=true&format=vjapi&pdobuid=-1&adblck=false&abwl=false&settings=true&recs=true&version=2000310&sig=CH8TOkIH&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cnsntv2=CPFPBf3PFPBf3AcABBENBXCgAAAAAAAAAChQAAAAAAJBAGIAAoAHAAeABcAD4ALQAfABGACSAGIAP4AkQBXADNAG0AOIAcgA5wB1AD_AIGAQcAkQBPwChgGEAOqAh8BHoCQgErAJtAWEAugBdQC7QF5AMQAYsAyEBkYDKAGhANGAaUA1MBtADbgG6AOCCQVQAEAALgAoACoAGQAOAAeABAACIAGEANAA1AB5AEMARAAmABPgCqAKwAWAAuABvADmAHoAQgAhoBEAESAI6ASwBLgCaAFKALcAYYAyABlwDUANUAbIA7wB7AD4gH2AfoBAICLgIwARoAjgBKQCggFLAKeAVcAuYBfgDFAGsANoAbgA3gB6AD5AIbAQ6Ai8BIgCYgEygJsATsAocBSICxQFoALYAXIAu8BeYDAgGDAMJAYaAw8BkQDJAGTgMuAZyAz4BpADToGsAayGAKAALAAuAEYAJIAVQAxABvAGkANUAcQBLQDqAJCAUOAugBfQDFgGRgNCAboGgSgBWAC4AIYAZAAywBqADZAHYAPwAgABBQCMAFLAKeAVeAtAC0gGsAN4AdUA-QCGwEOgIqAReAkQBNgCdgFIgLkAYEAwkBh4DGAGTgM5AZ4Az4QAVAAWABcAGoARgAkgBVADEAG8AVwA1QBxAEiAJaAbgA3gCQgFDgLoAYsA0IBugiA-AFYALgAhgBkADLAGoANkAdgA_ACAAEYAKWAU8Aq4BrADqgHyAQ2Ah0BF4CRAE2AJ2AUiAuQBgQDCQGHgMnAZyAz4VAdAAoAEMAJgAXABHADLAGoAOwAfgBGACOAFLAKvAWgBaQDeAJBATEAmwBTYC2AFyALzAYEAw8BkQDOQGeAM-AbkKAHABiAGqANoAcQA5AB4AEFAJaAdUBHoC-gGaANCAa8MgNAAUACGAEwALgAjgBlgDUAHZAPsA_ACMAEcAKWAVcArYBvAExAJsAWiAtgBeYDAgGHgMiAZyAzwBnwwAaADUAMQA1QBtADiAHIAPAAloBYgDqgI9AXkA0IcBcAAEAAiABwAHgAXAA-AC0AHIAPwAggBGAC6AGQANAAfwBIgCdAFmAL4AZYAzQBpADVAG0AOIAcgA5wB1ADsAHcAQAAgYBBYCDgIQAREAkQBLQCbQE-AT8ApYBUAC2gF6gMAAwIBhADMgGsANeAbwA44B0gDqgHkAPkAhCBD4EQAI9ASFAlYCVwExAJlATaAoUBSACkwFMAKmAVUArYBXICuwFlALSAWoAuKBdAF1AL2AX0AwIBiADFgGQgMoAZeA0KBooGjANKAaaA1MBrwDaAG2ANuHQZgAFwAUABUADIAHAAQAAiABdADAAMYAaABqADwAH0AQwBEACYAE-AKoArABYAC4AF8AMQAZgA3gBzAD0AIQAQ0AiACJAEdAJYAmABNACjAFKALEAW8AwgDDAGQAMoAaIA1ABsgDfAHeAPaAfYB-gD_gIsAjABHICUgJUAUEAp4BVwCxQFoAWkAuYBdQC8gF-AMUAbQA3EB0wHUAPQAhsBDoCIgEVAIvASCAkQBKgCbAE7AKHAU0AqwBYoC0AFsALgAXIAu0Bd4C8wGDAMJAYaAw8BiQDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNOAawA2MgAwAAQAD8AIIAaAA_gCRAFuAL4AZYA1QBtADiAHIAOcAdgA8ACCgE-AKWAWIAwABhADMgG8AOqAdsBD4CPQEhAJXATEAm0BQoCkAFJgK2AXQAvIBewC-gGBAM0AaEA0UBpQDUwG2ANuIQPAAFgAUAAyACIAFwAMQAhgBMACqAFwAL4AYgAzABvAD0AI4AWIAwgBlADUAG-AO-AfYB-AD_AIwARwAlIBQQChgFPAKvAWgBaQC5gF-AMUAbQA6gB6AEggJEASoAmwBTQCxQFogLYAXAAuQBdoDDwGJAMiAZOAzkBngDPgGiANJAaWA4AkAjAAEAA4AC4AIQAcgBkADeAJEAXIAvgBlgDUAG0AO4AgABCQCWgE-AKgAa8A3gB1QD7AJWATaApMBZQC0gF7AL6AYiAxYBoQDSgG5EoHQACAAFgAUAAyABwAEUAMAAxAB4AEQAJgAVQAuABfADEAGYANoAhABDQCIAIkARwAowBSgC3AGEAMoAaoA2QB3gD8AIwARwAp4BV4C0ALSAXUAxQBuADqAHyAQ6AioBF4CRAE2ALFAWwAu0BeYDDwGRAMnAZYAzkBngDPgGkANYAcAUAigACAAuAB8AEIALQAcgA_ACMAFYAMgAbQA3gByAEcAJEAToAuQBfADLAGoANcAbQA4gBzgDqAHcAPAAgABBwCEgEVAJEAS0Am0BPgE_AKWAWIAuoBgADCAGKANeAbwA6oB2wDyAHyAP-Aj0BMQCZQE2gKQAUwAqYBXYC0AF0ALyAX0AwIBiwDQgGiANKAabA1IDUwGvAOCKQSgAFwAUABUADIAHAAQAAigBgAGMANAA1AB5AEMARAAmABPACkAFUALAAXAAvgBiADMAHMAQgAhoBEAESAKMAUoAsQBbgDCAGUANEAaoA2QB3wD7AP0AiwBGACOAEpAKCAUMAq4BWwC5gF5ANoAbgA9ACHQEXgJEATYAnYBQ4CmgFbALFAWwAuABcgC7QF5gMNAYeAxgBkQDJAGTgMuAZyAzwBn0DSANJgawBrIDYwAAA.YAAAAAAAAAAA&cmpStat=1&ccpa=1---&ccpaStat=1&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?_=1619395173161
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: db5f4a6ff11cf828a461aa96731d6dca09a573023ba8f0dc3329b307c986910a

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:34 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, HHN, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.75.23
x-cache-hits: 0, 0
x-traceid: df45b48f4a5cb9192c7b31a9cc4272d4
content-encoding: gzip
content-length: 29031
x-served-by: cache-mdw17323-MDW, cache-hhn4067-HHN
x-timer: S1619395174.412894,VS0,VE262
vary: Accept-Encoding, User-Agent
content-type: text/x-json; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 472ms
94ms XHR
application/json 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1619395174293&sessionId=d07486ee-8546-1fc6-7483-2dd6bca84a2a&url=arstechnica.com&cheqSource=1&cheqEvent=3&responseTime=354
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?_=1619395173161
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Apr 2021 23:59:34 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: b4dd58fb2d59b3d7111d355aade46464
Content-Length: 4
Expires: 0

GET s2s-hb
pbs.getpublica.com/v1/ 0
0

POST
H/1.1 204
No Content events
wren.condenastdigital.com/1.0/conde/ 0
732 B 422ms
101ms Ping
image/gif 52.207.120.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wren.condenastdigital.com/1.0/conde/events?topic=wren.events.ads&api_key=d3Jlbg

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1619394923

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.207.120.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-120-193.compute-1.amazonaws.com

Software

nginx/1.15.8 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 25 Apr 2021 23:59:34 GMT
x-content-type-options: nosniff
Server: nginx/1.15.8
x-frame-options: DENY
x-download-options: noopen
vary: origin
Connection: keep-alive
Content-Type: image/gif
access-control-allow-origin: https://arstechnica.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
access-control-allow-credentials: true
strict-transport-security: max-age=15768000; preload
x-xss-protection: 1; mode=block

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame 4904 16 KB
6 KB 35ms
34ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?_=1619395173161
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 73298c8f5a6114815ba00b891f7f36b6030d6817c12c7c160c039b277ea725b6

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /widgetOBUserSync/obUserSync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://arstechnica.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "afdd3785c80ed9c7965597d8e9141a6b:1617802737.514459"
last-modified: Wed, 07 Apr 2021 13:38:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Mon, 26 Apr 2021 23:59:34 GMT
date: Sun, 25 Apr 2021 23:59:34 GMT
content-length: 5464
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1619395174~rv=100~id=6f9c693a8dfb55c9818046a11a2c48e4; path=/; Expires=Sun, 25 Apr 2021 23:59:34 GMT; Secure; SameSite=None

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 1717ms
114ms Fetch
text/plain 50.31.142.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=61208f8fce6b79bf864847665899e359_6817_1619395174617&tm=782&eT=0&tpcs=0&wRV=2000310&pVis=0&lsd=-1&eIdx=&ccpa=1---&cnsntV2=CPFPBf3PFPBf3AcABBENBXCgAAAAAAAAAChQAAAAAAJBAGIAAoAHAAeABcAD4ALQAfABGACSAGIAP4AkQBXADNAG0AOIAcgA5wB1AD_AIGAQcAkQBPwChgGEAOqAh8BHoCQgErAJtAWEAugBdQC7QF5AMQAYsAyEBkYDKAGhANGAaUA1MBtADbgG6AOCCQVQAEAALgAoACoAGQAOAAeABAACIAGEANAA1AB5AEMARAAmABPgCqAKwAWAAuABvADmAHoAQgAhoBEAESAI6ASwBLgCaAFKALcAYYAyABlwDUANUAbIA7wB7AD4gH2AfoBAICLgIwARoAjgBKQCggFLAKeAVcAuYBfgDFAGsANoAbgA3gB6AD5AIbAQ6Ai8BIgCYgEygJsATsAocBSICxQFoALYAXIAu8BeYDAgGDAMJAYaAw8BkQDJAGTgMuAZyAz4BpADToGsAayGAKAALAAuAEYAJIAVQAxABvAGkANUAcQBLQDqAJCAUOAugBfQDFgGRgNCAboGgSgBWAC4AIYAZAAywBqADZAHYAPwAgABBQCMAFLAKeAVeAtAC0gGsAN4AdUA-QCGwEOgIqAReAkQBNgCdgFIgLkAYEAwkBh4DGAGTgM5AZ4Az4QAVAAWABcAGoARgAkgBVADEAG8AVwA1QBxAEiAJaAbgA3gCQgFDgLoAYsA0IBugiA-AFYALgAhgBkADLAGoANkAdgA_ACAAEYAKWAU8Aq4BrADqgHyAQ2Ah0BF4CRAE2AJ2AUiAuQBgQDCQGHgMnAZyAz4VAdAAoAEMAJgAXABHADLAGoAOwAfgBGACOAFLAKvAWgBaQDeAJBATEAmwBTYC2AFyALzAYEAw8BkQDOQGeAM-AbkKAHABiAGqANoAcQA5AB4AEFAJaAdUBHoC-gGaANCAa8MgNAAUACGAEwALgAjgBlgDUAHZAPsA_ACMAEcAKWAVcArYBvAExAJsAWiAtgBeYDAgGHgMiAZyAzwBnwwAaADUAMQA1QBtADiAHIAPAAloBYgDqgI9AXkA0IcBcAAEAAiABwAHgAXAA-AC0AHIAPwAggBGAC6AGQANAAfwBIgCdAFmAL4AZYAzQBpADVAG0AOIAcgA5wB1ADsAHcAQAAgYBBYCDgIQAREAkQBLQCbQE-AT8ApYBUAC2gF6gMAAwIBhADMgGsANeAbwA44B0gDqgHkAPkAhCBD4EQAI9ASFAlYCVwExAJlATaAoUBSACkwFMAKmAVUArYBXICuwFlALSAWoAuKBdAF1AL2AX0AwIBiADFgGQgMoAZeA0KBooGjANKAaaA1MBrwDaAG2ANuHQZgAFwAUABUADIAHAAQAAiABdADAAMYAaABqADwAH0AQwBEACYAE-AKoArABYAC4AF8AMQAZgA3gBzAD0AIQAQ0AiACJAEdAJYAmABNACjAFKALEAW8AwgDDAGQAMoAaIA1ABsgDfAHeAPaAfYB-gD_gIsAjABHICUgJUAUEAp4BVwCxQFoAWkAuYBdQC8gF-AMUAbQA3EB0wHUAPQAhsBDoCIgEVAIvASCAkQBKgCbAE7AKHAU0AqwBYoC0AFsALgAXIAu0Bd4C8wGDAMJAYaAw8BiQDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNOAawA2MgAwAAQAD8AIIAaAA_gCRAFuAL4AZYA1QBtADiAHIAOcAdgA8ACCgE-AKWAWIAwABhADMgG8AOqAdsBD4CPQEhAJXATEAm0BQoCkAFJgK2AXQAvIBewC-gGBAM0AaEA0UBpQDUwG2ANuIQPAAFgAUAAyACIAFwAMQAhgBMACqAFwAL4AYgAzABvAD0AI4AWIAwgBlADUAG-AO-AfYB-AD_AIwARwAlIBQQChgFPAKvAWgBaQC5gF-AMUAbQA6gB6AEggJEASoAmwBTQCxQFogLYAXAAuQBdoDDwGJAMiAZOAzkBngDPgGiANJAaWA4AkAjAAEAA4AC4AIQAcgBkADeAJEAXIAvgBlgDUAG0AO4AgABCQCWgE-AKgAa8A3gB1QD7AJWATaApMBZQC0gF7AL6AYiAxYBoQDSgG5EoHQACAAFgAUAAyABwAEUAMAAxAB4AEQAJgAVQAuABfADEAGYANoAhABDQCIAIkARwAowBSgC3AGEAMoAaoA2QB3gD8AIwARwAp4BV4C0ALSAXUAxQBuADqAHyAQ6AioBF4CRAE2ALFAWwAu0BeYDDwGRAMnAZYAzkBngDPgGkANYAcAUAigACAAuAB8AEIALQAcgA_ACMAFYAMgAbQA3gByAEcAJEAToAuQBfADLAGoANcAbQA4gBzgDqAHcAPAAgABBwCEgEVAJEAS0Am0BPgE_AKWAWIAuoBgADCAGKANeAbwA6oB2wDyAHyAP-Aj0BMQCZQE2gKQAUwAqYBXYC0AF0ALyAX0AwIBiwDQgGiANKAabA1IDUwGvAOCKQSgAFwAUABUADIAHAAQAAigBgAGMANAA1AB5AEMARAAmABPACkAFUALAAXAAvgBiADMAHMAQgAhoBEAESAKMAUoAsQBbgDCAGUANEAaoA2QB3wD7AP0AiwBGACOAEpAKCAUMAq4BWwC5gF5ANoAbgA9ACHQEXgJEATYAnYBQ4CmgFbALFAWwAuABcgC7QF5gMNAYeAxgBkQDJAGTgMuAZyAzwBn0DSANJgawBrIDYwAAA.YAAAAAAAAAAA&cheq=0&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?_=1619395173161
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 25 Apr 2021 23:59:36 GMT
content-encoding: gzip
X-TraceId: 5d20dfd50b9b982142230549dd2af45b
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6IjE5NzBhZWU1MDZhZTY3YTE3NjUzMDUyMGNhYzIyNTE4NDAzNTc0MTY2NjhkNzZhOWFiZjEwZDBmMzVkNWUxMzYiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 6 KB
6 KB 7360ms
50ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjE5NzBhZWU1MDZhZTY3YTE3NjUzMDUyMGNhYzIyNTE4NDAzNTc0MTY2NjhkNzZhOWFiZjEwZDBmMzVkNWUxMzYiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ce5ef32d348d36c541a723de1ff208440fe9768762656a609c634cbebe9052b5

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:42 GMT
cache-control: max-age=159827
last-modified: Fri, 26 Feb 2021 19:36:03 GMT
x-traceid: 3fddc3c5fa3e8c1ccbfbab3c42516abb
timing-allow-origin: *
content-length: 5822
content-type: image/webp

GET
H2 200 eyJpdSI6IjZkMjE5NWRiMGUzY2I1MGRlMWJhNWYyNjYyZjM3NzM1YTA5OTA3NzQyYWMxODRjYzZiNjJhOTQyNWVjZmIwMWYiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 12 KB
12 KB 7383ms
73ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZkMjE5NWRiMGUzY2I1MGRlMWJhNWYyNjYyZjM3NzM1YTA5OTA3NzQyYWMxODRjYzZiNjJhOTQyNWVjZmIwMWYiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 82a7ea4ad84effcc05828dfdfcb56cb10aed97b43063a588cdbf45039702bae2

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:42 GMT
cache-control: max-age=1488502
last-modified: Tue, 06 Apr 2021 02:26:18 GMT
x-traceid: 61118ae5590c711a88073632f6760d9a
timing-allow-origin: *
content-length: 12088
content-type: image/webp

GET
H2 200 eyJpdSI6ImM2NDc3MTYwZTMzODNlNjRkM2MxNzE4NmU1NmQ3NzNiY2VjMzE4NWUwNDAyOWZmNjIwNDI2MDc5ZTQ2MDVjMzciLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 7 KB
8 KB 7484ms
175ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImM2NDc3MTYwZTMzODNlNjRkM2MxNzE4NmU1NmQ3NzNiY2VjMzE4NWUwNDAyOWZmNjIwNDI2MDc5ZTQ2MDVjMzciLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8629df225b82b5c1fe19e4197b96c4d64b4ffdb8fa8b3f7d70d255f2d8e529f1

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:42 GMT
cache-control: max-age=2462400
last-modified: Thu, 22 Apr 2021 13:44:34 GMT
x-traceid: db28d4aa9234ec1aaa38df4c8564795a
timing-allow-origin: *
content-length: 7594
content-type: image/webp

GET
H2 200 eyJpdSI6IjM4MTU0MDQxZmI0MWQ3ZmYxN2FlMDJjODlhZTg3YmU3Y2NhMDNlODBkYzFiNmMzNDMwZTJkY2QwMDRjZTRkZmUiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 7 KB
7 KB 7378ms
69ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM4MTU0MDQxZmI0MWQ3ZmYxN2FlMDJjODlhZTg3YmU3Y2NhMDNlODBkYzFiNmMzNDMwZTJkY2QwMDRjZTRkZmUiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 60443b07c364586cb93f1b49b5bfdcfa6f4419def86c90f8cfcd666cf4d5545e

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:42 GMT
cache-control: max-age=2265269
last-modified: Wed, 10 Mar 2021 15:36:22 GMT
x-traceid: eaca3e5d1951c30bbcdf24984f51fdc2
timing-allow-origin: *
content-length: 6756
content-type: image/webp

GET
H2 200 eyJpdSI6IjRlOGViMWUzODhmMjY0ZmJmYjgxODMzNzIxYmRkNWM3MjlhOTViNDAxOWFiM2RiOWMxYmUyN2NlNzZlOGU4OGIiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 8 KB
8 KB 7361ms
52ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjRlOGViMWUzODhmMjY0ZmJmYjgxODMzNzIxYmRkNWM3MjlhOTViNDAxOWFiM2RiOWMxYmUyN2NlNzZlOGU4OGIiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8d6594000a7de4bbcbfe8d15d9fd4b00a2a35ff7b2f0ac2a5ec0899eaf60d88a

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:42 GMT
cache-control: max-age=1480676
last-modified: Thu, 08 Apr 2021 15:11:01 GMT
x-traceid: f058a03b06ae8633e143f605b958e0ab
timing-allow-origin: *
content-length: 8172
content-type: image/webp

GET
H2 200 eyJpdSI6ImNjYWIwZGZlZjI5ZTlkZDk3NDU0NjU3ZGM3YjI1ZDIxZDgzOTFmMGFmZTM2M2YyMjllMmY3YzE0OGExY2VjOGMiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 15 KB
15 KB 7380ms
72ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNjYWIwZGZlZjI5ZTlkZDk3NDU0NjU3ZGM3YjI1ZDIxZDgzOTFmMGFmZTM2M2YyMjllMmY3YzE0OGExY2VjOGMiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4acb4918bb4f45a11f27cf00210c700d6a931bed92b6fa1c9f19f82e8e9f12b2

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:42 GMT
cache-control: max-age=1468531
last-modified: Wed, 07 Apr 2021 16:34:59 GMT
x-traceid: 89eab60e2d1d2c360100249eabfb89fa
timing-allow-origin: *
content-length: 14854
content-type: image/webp

GET
H/1.1 200
OK track
capture.condenastdigital.com/ 48 B
48 B 98ms
98ms Image
image/gif 3.223.14.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&app=playerservice&cCh=videos%2Fshow&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pID=87f69aff-c8b4-4807-b9de-3ca04c84fcaf&sID=eaf4b48a-1691-41a8-89c8-b724a71460e3&uId=6b4bb62e-fad2-4bc1-b4e4-206e940eb385&xid=&_ts=2021-04-25T23%3A59%3A34.819Z&_c=error&_t=PrebidError&dim1=%7B%22errorData%22%3A%7B%22timeout%22%3A500%7D%7D&dim3=Timeout
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.14.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-14-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 23:59:34 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK onetag Show response
assoc-na.associates-amazon.com/ 64 B
423 B 112ms
112ms XHR
application/json 72.21.195.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assoc-na.associates-amazon.com/onetag?src=330&pj=%7B%22tracking_id%22%3A%22arstech20-20%22%2C%22assocPayloadId%22%3Anull%2C%22refUrl%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F%22%7D&u=https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Requested by: Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: Server /
Resource Hash: af36e4b28a8c8570a91ad4b443fcd1dbe7a9138d55fbf39b06df049d3ecc5002

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:35 GMT
Server: Server
x-amz-rid: W4MQ4XX8CHSWA6E4PYNY
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://arstechnica.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 64

GET
H/1.1 200
OK sf-ui-display-medium-webfont.woff2
d2c8v52ll5s99u.cloudfront.net/assets/fonts/ Frame 4E6F 29 KB
30 KB 714ms
655ms Font
application/font-woff2 13.225.84.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/assets/fonts/sf-ui-display-medium-webfont.woff2
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-abb0de6918fca8264be7b7adba283776.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-169.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3

Request headers

Origin: https://arstechnica.com
Referer: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-abb0de6918fca8264be7b7adba283776.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:36 GMT
Content-Encoding: gzip
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Amz-Cf-Pop: FRA2-C2
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 29632
Access-Control-Allow-Origin: *
Last-Modified: Mon, 26 Jun 2017 15:24:42 GMT
Server: AmazonS3
ETag: "7d18db04f980971f2a9c5026bbc34bed"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff2
Via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: K2gyGDnFQlXV8G_UG60gwhub-smPm6SOa9muPUrMO08is3N5oJ_fWQ==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame AFC0 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://arstechnica.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 288922
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 4E6F 44 KB
17 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Sun, 25 Apr 2021 23:59:35 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 4E6F 92 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23961
x-fb-rlafr: 0
pragma: public
x-fb-debug: HtNGuRMpXMCWJUf5/zxzsoEBJ6kNURR/kTlPVAcByp8gZoNHnE4XK2OA5qp1BlB3lRTZOy7pIMjvNYG3aYp4aw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 25 Apr 2021 23:59:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK comscore-min.js Show response
d2c8v52ll5s99u.cloudfront.net/player/ Frame 4E6F 38 KB
11 KB 31ms
31ms Script
text/javascript 13.225.84.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/comscore-min.js
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-169.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 833a86642252016b29f08dd45ffd27f9e00ca237f28d8c5f0147a6e15d009377

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:55:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 May 2017 18:19:15 GMT
Server: AmazonS3
Age: 262
ETag: W/"054acb6fbd2b2a6c1ac561705bffb0cc"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: v8MKZJ0ZYutjrHz46b-ldShYHzlbrBrPzMWrVH4PgCdQzJNcTwvoAg==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1240670422&t=event&ni=1&_s=1&dl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&dr=%2F&dp=%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&ul=en-us&de=UTF-8&dt=Booby-trapped%20Word%20documents%20in%20the%20wild%20exploit%20critical%20Microsoft%200-day%20%7C%20Ars%20Technica&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=loaded&el=604b9ee038d06931f218aaca%7Cnull_null%7C150%7CSitrep%3A%20Boeing%20707&_u=aGDAAUAjAAQCAG~&jid=764650508&gjid=235036325&cid=1527306430.1619395174&tid=UA-31997-1&_gid=2044715989.1619395174&_r=1&gtm=2wg4e1NLXNPCQ&cg1=article%7Creport&cg2=information-technology&cg3=information%20technology&cd1=GTM-NLXNPCQ&cd2=277&cd4=&cd6=Mon%20Apr%2026%202021%2001%3A59%3A35%20GMT%2B0200%20(Central%20European%20Summer%20Time)&cd7=1619395175363.io4arftg&cd8=-2&cd9=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd10=English&cd11=1&cd12=0&cd13=GA%20Event%20-%20Video%20Engagement&cd20=none&cd21=47a4bb5d-117c-4fdb-a669-ed083338466f&cd25=Dan%20Goodin&cd26=1074069&cd27=749&cd28=Booby-trapped%20Word%20documents%20in%20the%20wild%20exploit%20critical%20Microsoft%200-day&cd29=web&cd32=2017-04-08T20%3A00%3A41%2B00%3A00&cd33=1479&cd34=2017-04-11T21%3A13%3A02%2B00%3A00&cd35=exploits%7Cmicrosoft%7Coffice%7Cvulnerabilities%7CWord%7Czeroday&cd36=web&cd43=Ars%20Technica&cd45=Adblock%20Enabled%20-%20false&cd62=https%3A%2F%2Farstechnica.com%2F%3Fp%3D1074069&cd63=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&cd65=&cd72=1.0.0&cd92=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&cd93=information%20technology&cd95=%2CC0001%2C&cd98=article%7Creport&cd102=22&cd103=&cd108=C0003%3A0%2CC0004%3A0%2CC0005%3A0%2CC0001%3A1%2CC0002%3A0%2CSTACK42%3A0&cd113=video-loaded&cd127=Saturday&cd129=Europe%2FBerlin&cd131=3&cd3=1527306430.1619395174&cd76=604b9ee038d06931f218aaca%7Cnull_null%7C150%7CSitrep%3A%20Boeing%20707&cd77=arstechnica&cd80=1&cd82=604b9ee038d06931f218aaca&cd83=null_null&cd84=Sitrep%3A%20Boeing%20707&cd85=150&cd90=arstechnica&cd91=1&z=987937016

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 4E6F 48 B
48 B 98ms
97ms Image
image/gif 3.223.14.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-04-25T23%3A59%3A35.264Z&_c=&_t=Player%20Requested&sID=eaf4b48a-1691-41a8-89c8-b724a71460e3&pID=87f69aff-c8b4-4807-b9de-3ca04c84fcaf&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.14.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-14-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 23:59:35 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 4E6F 48 B
48 B 197ms
99ms Image
image/gif 3.223.14.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-04-25T23%3A59%3A35.336Z&_c=initial&_t=gptData&sID=eaf4b48a-1691-41a8-89c8-b724a71460e3&pID=87f69aff-c8b4-4807-b9de-3ca04c84fcaf&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&dim1=%7B%22adBlocked%22%3Afalse%2C%22adUnits%22%3A%5B%223379%2Fconde.ars%2Finterstitial%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fhero%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F2%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F3%22%2C%223379%2Fconde.ars%2Fmid-content%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fmid-content%2Finformation-technology%2Farticle%2F2%22%5D%2C%22embedLocation%22%3A%22arstechnica%22%2C%22error%22%3A%22%22%2C%22lineItems%22%3A%5B%5D%2C%22publicaEnabled%22%3Afalse%2C%22videoId%22%3A%22604b9ee038d06931f218aaca%22%7D
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.14.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-14-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 23:59:35 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK arstechnica_sitrep-boeing-707.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1615574323/ Frame 4E6F 49 KB
49 KB 38ms
38ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1615574323/arstechnica_sitrep-boeing-707.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

f1473c9fb0736a769bd5fee12a77491be8243e28446766e5369d845a8c75176a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 20:45:46 GMT
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 1221229
X-Cache: Hit from cloudfront
Server-Timing: fastly;dur=605;cpu=0;start=2021-04-11T20:45:45.709Z;desc=miss,rtt;dur=1,cloudinary;dur=122;start=2021-04-11T20:45:46.045Z
Content-Length: 49728
Last-Modified: Tue, 16 Mar 2021 15:48:05 GMT
Server: Cloudinary
Cache-Control: public, no-transform, immutable, max-age=2592000
ETag: "9cc3557369e729f9997cffc3e3429e77"
Strict-Transport-Security: max-age=604800
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: haz5Dhw14i29qmS5VTEcm5nigMQojejv36WCF2l6xyQVdstZMYucKg==

GET
BLOB 200
OK aaba2352-b4c8-4343-aa90-ec51037d4cc9
https://arstechnica.com/ Frame 4E6F 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/aaba2352-b4c8-4343-aa90-ec51037d4cc9
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 50ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-31997-1&cid=1527306430.1619395174&jid=764650508&gjid=235036325&_gid=2044715989.1619395174&_u=aGDAAUAjAAQCAG~&z=1541520368

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 25 Apr 2021 23:59:35 GMT
content-type: text/plain
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content cedf7f38-43bd-4577-8bd5-5a946fb08536thumbs.mp4
dp8hsntg6do36.cloudfront.net/604b9ee038d06931f218aaca/ Frame 4E6F 128 KB
0 155ms
29ms Media
video/mp4 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/604b9ee038d06931f218aaca/cedf7f38-43bd-4577-8bd5-5a946fb08536thumbs.mp4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 25 Apr 2021 03:38:56 GMT
Via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
Last-Modified: Fri, 12 Mar 2021 17:15:54 GMT
Server: AmazonS3
Age: 157720
ETag: "028a7f420d83fb027596495c6d29eb9b"
X-Cache: Hit from cloudfront
Content-Type: video/mp4
Content-Range: bytes 0-512756/512757
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 512757
X-Amz-Cf-Id: OyhPkhsqEbdHVcXA5SU70Cot_2nZpWVcI865nrgR71hLv6ITFVja1A==

GET
H/1.1 206
Partial Content cedf7f38-43bd-4577-8bd5-5a946fb08536thumbs.mp4
dp8hsntg6do36.cloudfront.net/604b9ee038d06931f218aaca/ Frame 4E6F 64 KB
0 241ms
29ms Media
video/mp4 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/604b9ee038d06931f218aaca/cedf7f38-43bd-4577-8bd5-5a946fb08536thumbs.mp4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 25 Apr 2021 07:20:07 GMT
Via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
Last-Modified: Fri, 12 Mar 2021 17:15:54 GMT
Server: AmazonS3
Age: 157720
ETag: "028a7f420d83fb027596495c6d29eb9b"
X-Cache: Hit from cloudfront
Content-Type: video/mp4
Content-Range: bytes 0-512756/512757
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 512757
X-Amz-Cf-Id: VawtdrUsBn2yuAjvgtx-2OOnvjJmPNPoayo6aZMXrXF68nudgmJk-g==

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 4E6F 48 B
48 B 100ms
99ms Image
image/gif 3.223.14.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-04-25T23%3A59%3A35.450Z&_c=Player%20Event&_t=Player%20Loaded&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fsitrep-boeing-707&cId=604b9ee038d06931f218aaca&cKe=sitrep%2Cboeing%2Cboeing%20707&cPd=2021-03-16T15%3A00%3A00%2B00%3A00&cTi=Sitrep%3A%20Boeing%20707&mDu=150&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pID=87f69aff-c8b4-4807-b9de-3ca04c84fcaf&pWw=540&pWh=303.75&sID=eaf4b48a-1691-41a8-89c8-b724a71460e3&uId=6b4bb62e-fad2-4bc1-b4e4-206e940eb385&xid=47a4bb5d-117c-4fdb-a669-ed083338466f&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%22ddb306f%22%2C%22guid%22%3A%2286764a6-4588-95fa-232f-86d58aa3f3fa%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22manual%22%2C%22persistent%22%3Afalse%2C%22playerDepth%22%3A4221.96875%2C%22playerType%22%3A%22video-continuous%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3Anull%2C%22recStrategy%22%3Anull%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3Anull%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&adId=
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.14.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-14-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 23:59:35 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK cedf7f38-43bd-4577-8bd5-5a946fb08536manifest-ios.m3u8 Show response
dp8hsntg6do36.cloudfront.net/604b9ee038d06931f218aaca/ Frame 4E6F 918 B
1 KB 107ms
30ms XHR
application/x-mpegurl 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/604b9ee038d06931f218aaca/cedf7f38-43bd-4577-8bd5-5a946fb08536manifest-ios.m3u8?videoIndex=0&requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 926253539e7582bf4cc021a6f050ae1eadfe07a9b3e1f8bd4162d376ba79d372

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 16:41:57 GMT
Via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
Vary: Origin
Age: 31176
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 918
Last-Modified: Fri, 12 Mar 2021 17:15:19 GMT
Server: AmazonS3
ETag: "55870f58c90e06d7f14f7778bc296d1c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: r8XMK3qhK-Up2W3Cxx4FjBSGxOaers-UZw5w7YjCrlU0HMWkEzcJ_w==

GET
H/1.1 200
OK sf-ui-display-medium-webfont.woff2
d2c8v52ll5s99u.cloudfront.net/assets/fonts/ Frame E294 29 KB
30 KB 649ms
132ms Font
application/font-woff2 13.225.84.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/assets/fonts/sf-ui-display-medium-webfont.woff2
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-abb0de6918fca8264be7b7adba283776.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-169.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3

Request headers

Origin: https://arstechnica.com
Referer: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-abb0de6918fca8264be7b7adba283776.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:37 GMT
Content-Encoding: gzip
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Amz-Cf-Pop: FRA2-C2
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 29632
Access-Control-Allow-Origin: *
Last-Modified: Mon, 26 Jun 2017 15:24:42 GMT
Server: AmazonS3
ETag: "7d18db04f980971f2a9c5026bbc34bed"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff2
Via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: 4RARrAv2kNmnt5Y5qG1NlpT6pBMib4uHxh2QlT0cVTxgHquJOye9qQ==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame BEBA 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://arstechnica.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 288922
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame E294 44 KB
16 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Sun, 25 Apr 2021 23:59:35 GMT

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame E294 92 KB
23 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23961
x-fb-rlafr: 0
pragma: public
x-fb-debug: HtNGuRMpXMCWJUf5/zxzsoEBJ6kNURR/kTlPVAcByp8gZoNHnE4XK2OA5qp1BlB3lRTZOy7pIMjvNYG3aYp4aw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Sun, 25 Apr 2021 23:59:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK comscore-min.js Show response
d2c8v52ll5s99u.cloudfront.net/player/ Frame E294 38 KB
11 KB 30ms
29ms Script
text/javascript 13.225.84.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/comscore-min.js
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-169.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 833a86642252016b29f08dd45ffd27f9e00ca237f28d8c5f0147a6e15d009377

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:55:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 May 2017 18:19:15 GMT
Server: AmazonS3
Age: 262
ETag: W/"054acb6fbd2b2a6c1ac561705bffb0cc"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: --F8huiuzh2aAz8NmOmMp5R4MnzNCp1M18M0r0lW7u4wafAlCtkrHg==

POST
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Ping
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame E294 48 B
48 B 98ms
98ms Image
image/gif 3.223.14.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-04-25T23%3A59%3A35.479Z&_c=&_t=Player%20Requested&sID=eaf4b48a-1691-41a8-89c8-b724a71460e3&pID=87f69aff-c8b4-4807-b9de-3ca04c84fcaf&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.14.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-14-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 23:59:35 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame E294 48 B
48 B 99ms
98ms Image
image/gif 3.223.14.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-04-25T23%3A59%3A35.536Z&_c=initial&_t=gptData&sID=eaf4b48a-1691-41a8-89c8-b724a71460e3&pID=87f69aff-c8b4-4807-b9de-3ca04c84fcaf&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&dim1=%7B%22adBlocked%22%3Afalse%2C%22adUnits%22%3A%5B%223379%2Fconde.ars%2Finterstitial%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fhero%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F2%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F3%22%2C%223379%2Fconde.ars%2Fmid-content%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fmid-content%2Finformation-technology%2Farticle%2F2%22%5D%2C%22embedLocation%22%3A%22arstechnica%22%2C%22error%22%3A%22%22%2C%22lineItems%22%3A%5B%5D%2C%22publicaEnabled%22%3Afalse%2C%22videoId%22%3A%225afc7010841c4b6e41000001%22%7D
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.14.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-14-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 23:59:35 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK arstechnica_first-look-xbox-adaptive-controller.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1526498352/ Frame E294 36 KB
37 KB 34ms
34ms Image
image/jpeg 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1526498352/arstechnica_first-look-xbox-adaptive-controller.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

e2a3ed764a3ef9095592b793ec54285a79e5e9b520acd11570f0ee3fd075c02b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 40
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:55 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-25T01:04:21.151Z;desc=hit,rtt;dur=1
Content-Length: 37145
Last-Modified: Thu, 17 May 2018 06:32:13 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "3e12d7e6e822633bb473e25c1b40018f"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 8cQHSAzvZBulIr9o4gfX27TH-z1NI8JYXK40uqrum4CEyFlkzkjNnQ==

GET
BLOB 200
OK 5fa701b4-8acf-4b96-b48a-f7a9a29f379c
https://arstechnica.com/ Frame 4E6F 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/5fa701b4-8acf-4b96-b48a-f7a9a29f379c
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5f3418a3fa657175d5341b5e032be036cb4d5818de5d1497f2175be5a7e3701

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 5463
Content-Type: application/javascript

GET
BLOB 200
OK 4fd1fc67-acb2-4206-b2a5-b9c7ad03ed5a
https://arstechnica.com/ Frame E294 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/4fd1fc67-acb2-4206-b2a5-b9c7ad03ed5a
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 26ms
24ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-31997-1&cid=1527306430.1619395174&jid=764650508&_u=aGDAAUAjAAQCAG~&z=1186892838

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 31ms
16ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-31997-1&cid=1527306430.1619395174&jid=764650508&_u=aGDAAUAjAAQCAG~&z=1186892838

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cedf7f38-43bd-4577-8bd5-5a946fb08536file-1422k-128-48000-768.m3u8 Show response
dp8hsntg6do36.cloudfront.net/604b9ee038d06931f218aaca/ Frame 4E6F 2 KB
894 B 31ms
30ms XHR
application/x-mpegurl 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/604b9ee038d06931f218aaca/cedf7f38-43bd-4577-8bd5-5a946fb08536file-1422k-128-48000-768.m3u8?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5edb557792560a8a710be304988f8c1152c240990aeac8aaf3ad86ced3ee038

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 06:33:18 GMT
Content-Encoding: gzip
Vary: Origin
Age: 62778
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Fri, 12 Mar 2021 17:16:15 GMT
Server: AmazonS3
ETag: W/"f8a15ece1263b9ee3a9a329774ea2e2b"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: gXjDN8yyOx8rU1Wns4BIuBCnc8AMSoS5rqB6OnSFqYyGAT2Mzn-_DQ==

GET
H/1.1 206
Partial Content 6c372966-5d44-4560-b644-bcf60dbf1c50thumbs.mp4
dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/ Frame E294 128 KB
0 29ms
29ms Media
video/mp4 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/6c372966-5d44-4560-b644-bcf60dbf1c50thumbs.mp4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 25 Apr 2021 05:33:41 GMT
Via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
Last-Modified: Wed, 16 May 2018 18:04:29 GMT
Server: AmazonS3
Age: 66355
ETag: "5cb1cdd7de16a7f36d92c03e1cdefb90"
X-Cache: Hit from cloudfront
Content-Type: video/mp4
Content-Range: bytes 0-779707/779708
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 779708
X-Amz-Cf-Id: 5CjV_W6UaPvqx9-zww8AON6-JXTgmN_Y_9-HYcyiK0aPwUJqpPEFUw==

GET
H/1.1 206
Partial Content 6c372966-5d44-4560-b644-bcf60dbf1c50thumbs.mp4
dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/ Frame E294 16 KB
0 91ms
30ms Media
video/mp4 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/6c372966-5d44-4560-b644-bcf60dbf1c50thumbs.mp4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 25 Apr 2021 05:33:41 GMT
Via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
Last-Modified: Wed, 16 May 2018 18:04:29 GMT
Server: AmazonS3
Age: 66355
ETag: "5cb1cdd7de16a7f36d92c03e1cdefb90"
X-Cache: Hit from cloudfront
Content-Type: video/mp4
Content-Range: bytes 0-779707/779708
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 779708
X-Amz-Cf-Id: Lqmsl54IyuqtK2ut9p3uxti08FQyOIgkl2ILNtuKp7DUQGR0ZnSflw==

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame E294 48 B
48 B 98ms
98ms Image
image/gif 3.223.14.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-04-25T23%3A59%3A35.651Z&_c=Player%20Event&_t=Player%20Loaded&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Ffirst-look-xbox-adaptive-controller&cId=5afc7010841c4b6e41000001&cKe=console%2Ccontrollers%2Cars%20technica%2Cars&cPd=2018-05-17T05%3A00%3A00%2B00%3A00&cTi=First%20Look%3A%20Xbox%20Adaptive%20Controller&mDu=233&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pID=87f69aff-c8b4-4807-b9de-3ca04c84fcaf&pWw=276&pWh=155.25&sID=eaf4b48a-1691-41a8-89c8-b724a71460e3&uId=6b4bb62e-fad2-4bc1-b4e4-206e940eb385&xid=47a4bb5d-117c-4fdb-a669-ed083338466f&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%22ddb306f%22%2C%22guid%22%3A%228267eba5-8ec0-133a-4d0f-90fad2415842%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22persistent%22%3Afalse%2C%22playerDepth%22%3A481%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_c6023900-b922-49b4-8cb0-792b146a01d4_similar2-3%22%2C%22recStrategy%22%3A%22similar2_3%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3Anull%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&adId=
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.14.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-14-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 23:59:35 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK 6c372966-5d44-4560-b644-bcf60dbf1c50manifest-ios.m3u8 Show response
dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/ Frame E294 918 B
1 KB 51ms
29ms XHR
application/x-mpegurl 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/6c372966-5d44-4560-b644-bcf60dbf1c50manifest-ios.m3u8?videoIndex=0&requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 971c6995b3a7e2009ffe6dd60c58adce3f25eedd38f8c672da8119d2f4661d65

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 06:48:44 GMT
Via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
Vary: Origin
Age: 61852
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 918
Last-Modified: Wed, 16 May 2018 18:03:51 GMT
Server: AmazonS3
ETag: "097415c55e08990d85b8ff23e771b21c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: -Cf84Li4aBAVpVxxFEK_vm2iNiQwYBATuLpmLfYu-6NSNy_EqIpVag==

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame E294 48 B
48 B 100ms
99ms Image
image/gif 3.223.14.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-04-25T23%3A59%3A35.662Z&_c=Player%20Event&_t=Player%20In%20Viewport&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Ffirst-look-xbox-adaptive-controller&cId=5afc7010841c4b6e41000001&cKe=console%2Ccontrollers%2Cars%20technica%2Cars&cPd=2018-05-17T05%3A00%3A00%2B00%3A00&cTi=First%20Look%3A%20Xbox%20Adaptive%20Controller&mDu=233&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pID=87f69aff-c8b4-4807-b9de-3ca04c84fcaf&pWw=276&pWh=155.25&sID=eaf4b48a-1691-41a8-89c8-b724a71460e3&uId=6b4bb62e-fad2-4bc1-b4e4-206e940eb385&xid=47a4bb5d-117c-4fdb-a669-ed083338466f&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%22ddb306f%22%2C%22guid%22%3A%228267eba5-8ec0-133a-4d0f-90fad2415842%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22persistent%22%3Afalse%2C%22playerDepth%22%3A481%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_c6023900-b922-49b4-8cb0-792b146a01d4_similar2-3%22%2C%22recStrategy%22%3A%22similar2_3%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&adId=
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.14.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-14-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 23:59:35 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A507 36 KB
13 KB 38ms
5ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2714
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 00:14:21 GMT

GET
H3-29 200 1663130473914833 Show response
connect.facebook.net/signals/config/ Frame 4E6F 255 KB
73 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1663130473914833?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

583d3c6cf7ab15e76c307497ec0680d67d97fc38be09b2dfecb64a440d5370d2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74575
x-fb-rlafr: 0
pragma: public
x-fb-debug: wSKIHURpi+CjxFGmnNazDbmbxgIr8unvNwBRhFKw9qZJR+PdPUOYyi2nCXj8yf/0gHsXg9ZQjPKWBlOhzEj0ww==
x-frame-options: DENY
date: Sun, 25 Apr 2021 23:59:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1615574323/arstechnica_sitrep-boeing-707.jpg

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

f1473c9fb0736a769bd5fee12a77491be8243e28446766e5369d845a8c75176a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Origin: https://arstechnica.com
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 20:45:46 GMT
Via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 1221230
X-Cache: Hit from cloudfront
Server-Timing: fastly;dur=605;cpu=0;start=2021-04-11T20:45:45.709Z;desc=miss,rtt;dur=1,cloudinary;dur=122;start=2021-04-11T20:45:46.045Z
Content-Length: 49728
Last-Modified: Tue, 16 Mar 2021 15:48:05 GMT
Server: Cloudinary
Cache-Control: public, no-transform, immutable, max-age=2592000
ETag: "9cc3557369e729f9997cffc3e3429e77"
Strict-Transport-Security: max-age=604800
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: t8vwxLdak1kwXy3uNe4PqEpNFF2jNjjiAMfPqPK3wedMmzivTGi2Uw==

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4E6F 2 KB
1 KB 128ms
62ms XHR
text/xml 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=640x480|480x70&iu=/3379/conde.ars/player/information-technology/article&ciu_szs=300x60&gdfp_req=1&env=vp&output=vmap&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.45.0%26ctx_page_slug%3Dbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%26cnt_tags%3Dexploits%252Cmicrosoft-3%252Coffice%252Cvulnerabilities%252Cword%252Czeroday%26cnt_copilotid%3D%26vnd_prx_segments%3D999998%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_usr_topics%3D%26ctx_line_items%3D%26height%3D304%26muted%3D0%26right_rail%3D0%26sensitive%3D0%26width%3D540&correlator=3091514122482959&description_url=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fsitrep-boeing-707&vid=604b9ee038d06931f218aaca&cmsid=1495&ppid=47a4bb5d117c4fdba669ed083338466f

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ee93e6845398f0a9f40076b5ec112708a0f15fe449780efa1b6b7ba86f3a9d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 857
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 01ef3a68-2329-4a15-83b8-e3dd8816a90f
https://arstechnica.com/ Frame E294 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/01ef3a68-2329-4a15-83b8-e3dd8816a90f
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5f3418a3fa657175d5341b5e032be036cb4d5818de5d1497f2175be5a7e3701

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 5463
Content-Type: application/javascript

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1615574323/arstechnica_sitrep-boeing-707.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

f1473c9fb0736a769bd5fee12a77491be8243e28446766e5369d845a8c75176a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 20:45:46 GMT
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 1221229
X-Cache: Hit from cloudfront
Server-Timing: fastly;dur=605;cpu=0;start=2021-04-11T20:45:45.709Z;desc=miss,rtt;dur=1,cloudinary;dur=122;start=2021-04-11T20:45:46.045Z
Content-Length: 49728
Last-Modified: Tue, 16 Mar 2021 15:48:05 GMT
Server: Cloudinary
Cache-Control: public, no-transform, immutable, max-age=2592000
ETag: "9cc3557369e729f9997cffc3e3429e77"
Strict-Transport-Security: max-age=604800
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: w0nmqmS-YZsSIiInrC73vg0IZRKvXUjo_fW0RUAL88qxpvts9p-Dug==

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D010 36 KB
12 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2714
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 00:14:21 GMT

GET
H3-29 200 1663130473914833 Show response
connect.facebook.net/signals/config/ Frame E294 255 KB
73 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1663130473914833?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

583d3c6cf7ab15e76c307497ec0680d67d97fc38be09b2dfecb64a440d5370d2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74575
x-fb-rlafr: 0
pragma: public
x-fb-debug: wSKIHURpi+CjxFGmnNazDbmbxgIr8unvNwBRhFKw9qZJR+PdPUOYyi2nCXj8yf/0gHsXg9ZQjPKWBlOhzEj0ww==
x-frame-options: DENY
date: Sun, 25 Apr 2021 23:59:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E294 2 KB
2 KB 91ms
60ms XHR
text/xml 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=640x360|480x70&iu=/3379/conde.ars/inline-player/information-technology/article&ciu_szs=300x60&gdfp_req=1&env=vp&output=vmap&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.45.0%26ctx_page_slug%3Dbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%26cnt_tags%3Dexploits%252Cmicrosoft-3%252Coffice%252Cvulnerabilities%252Cword%252Czeroday%26cnt_copilotid%3D%26vnd_prx_segments%3D999998%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_usr_topics%3D%26ctx_line_items%3D%26timeout%3D500%26height%3D155%26muted%3D1%26right_rail%3D0%26sensitive%3D0%26width%3D276&correlator=3091514122482959&description_url=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Ffirst-look-xbox-adaptive-controller&vid=5afc7010841c4b6e41000001&cmsid=1495&ppid=47a4bb5d117c4fdba669ed083338466f

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

f817fb25f288bb8d554cc58b4513bd9e0fb4419b7f8659b58076658f9810aba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 886
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 6c372966-5d44-4560-b644-bcf60dbf1c50file-1422k-128-48000-768.m3u8 Show response
dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/ Frame E294 3 KB
935 B 29ms
29ms XHR
application/x-mpegurl 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/6c372966-5d44-4560-b644-bcf60dbf1c50file-1422k-128-48000-768.m3u8?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 058aadd34057f1fdc2a762da06a5e9e37a6639733261db440f5a34dda9a36582

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 02:15:45 GMT
Content-Encoding: gzip
Vary: Origin
Age: 78231
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 May 2018 18:05:08 GMT
Server: AmazonS3
ETag: W/"a83f568491353e68f5eea2a28b020a80"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: psZmRdq3N-qYNTrKRRw0eKR1cd8KYCidx8Thy3A1tm6BJ99J8bM_BQ==

GET
BLOB 200
OK ba029635-2229-4caa-9e6f-7de7daa947f4
https://arstechnica.com/ Frame 4E6F 64 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/ba029635-2229-4caa-9e6f-7de7daa947f4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2db2f16f2ca017e865150e9b6edbbc4c4349ad8448db72e8bb21bbfb40cc4092

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 65790
Content-Type: application/javascript

GET
H/1.1 200
OK cedf7f38-43bd-4577-8bd5-5a946fb08536file-1422k-128-48000-768-00001.ts Show response
dp8hsntg6do36.cloudfront.net/604b9ee038d06931f218aaca/ Frame 4E6F 977 KB
963 KB 29ms
29ms XHR
application/x-mpegurl 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/604b9ee038d06931f218aaca/cedf7f38-43bd-4577-8bd5-5a946fb08536file-1422k-128-48000-768-00001.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4003e7a5967aa6cf711992cd31336895f88914dafd28d08562b10813bead3236

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 18:48:20 GMT
Content-Encoding: gzip
Vary: Origin
Age: 83879
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Fri, 12 Mar 2021 17:16:15 GMT
Server: AmazonS3
ETag: W/"f0b693c42b6e96fde29e6b5a37cc0c10"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: qzNMHP7RHkRv4_S0dh_0OOCr-WEpBQPcSA3PCStVp49XmW5yk3E8jw==

GET
BLOB 200
OK 7a4e74ec-2041-4c44-b9a5-72b9c592b03e
https://arstechnica.com/ Frame E294 64 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/7a4e74ec-2041-4c44-b9a5-72b9c592b03e
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2db2f16f2ca017e865150e9b6edbbc4c4349ad8448db72e8bb21bbfb40cc4092

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 65790
Content-Type: application/javascript

GET
H/1.1 200
OK 6c372966-5d44-4560-b644-bcf60dbf1c50file-1422k-128-48000-768-00001.ts Show response
dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/ Frame E294 800 KB
789 KB 50ms
50ms XHR
application/x-mpegurl 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/6c372966-5d44-4560-b644-bcf60dbf1c50file-1422k-128-48000-768-00001.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe1a5b17ffd6abe803af0c0becda51ce7a78890783f61ba6ebbd0cf91119c3f3

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 06:49:00 GMT
Content-Encoding: gzip
Vary: Origin
Age: 61836
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 May 2018 18:05:06 GMT
Server: AmazonS3
ETag: W/"56da2769ed5732b94b71780be7f55b76"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: dCbIwqxM-5FATlJfPNRj9PEdrLfkqx8gSNZJzadEZI1jw6zFx_2hJQ==

GET
H2

200

p2
sb.scorecardresearch.com/ Frame E294
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1619395175790_1&ns_st_ec=1&ns_st_sp=1&ns_st_sq=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_c...
https://sb.scorecardresearch.com/p2?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1619395175790_1&ns_st_ec=1&ns_st_sp=1&ns_st_sq=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_...

64 B
329 B

72ms
71ms

Image
image/gif

143.204.245.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1619395175790_1&ns_st_ec=1&ns_st_sp=1&ns_st_sq=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=233528&ns_st_pb=1&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=0&ns_st_ci=5afc7010841c4b6e41000001&ns_ts=1619395175791&ns_st_bt=0&ns_st_bp=0&ns_st_br=0&ns_st_ub=0&ns_st_pr=*null&ns_st_ep=*null&ns_st_ct=vc&ns_st_ge=*null&ns_st_st=*null&ns_st_pu=*null&c3=ARSTECHNICA&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&c8=First%20Look%3A%20Xbox%20Adaptive%20Controller&c9=&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-55.cph50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:36 GMT
via: 1.1 54c4a3ab55229e407630e7a126ca0932.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: jzKOAaxgzvohElqk4vNH4VYGIj1yEcMiaACVjDjVP821kch1a0r2dQ==

Redirect headers

date: Sun, 25 Apr 2021 23:59:36 GMT
via: 1.1 54c4a3ab55229e407630e7a126ca0932.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1619395175790_1&ns_st_ec=1&ns_st_sp=1&ns_st_sq=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=233528&ns_st_pb=1&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=0&ns_st_ci=5afc7010841c4b6e41000001&ns_ts=1619395175791&ns_st_bt=0&ns_st_bp=0&ns_st_br=0&ns_st_ub=0&ns_st_pr=*null&ns_st_ep=*null&ns_st_ct=vc&ns_st_ge=*null&ns_st_st=*null&ns_st_pu=*null&c3=ARSTECHNICA&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&c8=First%20Look%3A%20Xbox%20Adaptive%20Controller&c9=&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null
content-length: 828
x-amz-cf-id: TEOoNOE2xqqHQAdztM_Q6NnbawrDgMltAEyVvkued5gfN9iKMY0ZOw==

POST
H/1.1 204
No Content events
wren.condenastdigital.com/1.0/conde/ 0
732 B 103ms
102ms Ping
image/gif 52.207.120.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wren.condenastdigital.com/1.0/conde/events?topic=wren.events.ads&api_key=d3Jlbg

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1619394923

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.207.120.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-120-193.compute-1.amazonaws.com

Software

nginx/1.15.8 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 25 Apr 2021 23:59:36 GMT
x-content-type-options: nosniff
Server: nginx/1.15.8
x-frame-options: DENY
x-download-options: noopen
vary: origin
Connection: keep-alive
Content-Type: image/gif
access-control-allow-origin: https://arstechnica.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
access-control-allow-credentials: true
strict-transport-security: max-age=15768000; preload
x-xss-protection: 1; mode=block

POST
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Ping
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatvideo.js Show response
z.moatads.com/condenastjsvideocontent160527792519/ Frame E294 303 KB
102 KB 34ms
34ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/condenastjsvideocontent160527792519/moatvideo.js
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49ce0b9309f3549eff7156c661425c49e8f080f49c76feb6507549520c6fbe56

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:35 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 15:17:11 GMT
server: AmazonS3
x-amz-request-id: WRBWQ6T85G351TGQ
etag: "0a51abc36b918c69623fdf2fa661c897"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=39918
accept-ranges: bytes
content-length: 104042
x-amz-id-2: o5hx3zsWbTaXdd7fgS0R1HJ52CGxg3ToKaHLmryRK2Oe/hvIdMhsIik/jZTthhHrcZt+PWsLblM=

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame E294 48 B
48 B 99ms
99ms Image
image/gif 3.223.14.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-04-25T23%3A59%3A35.872Z&_c=Video%20Ad&_t=Ad%20Call%20Made&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Ffirst-look-xbox-adaptive-controller&cId=5afc7010841c4b6e41000001&cKe=console%2Ccontrollers%2Cars%20technica%2Cars&cPd=2018-05-17T05%3A00%3A00%2B00%3A00&cTi=First%20Look%3A%20Xbox%20Adaptive%20Controller&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=233&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pID=87f69aff-c8b4-4807-b9de-3ca04c84fcaf&pWw=276&pWh=155.25&sID=eaf4b48a-1691-41a8-89c8-b724a71460e3&uId=6b4bb62e-fad2-4bc1-b4e4-206e940eb385&xid=47a4bb5d-117c-4fdb-a669-ed083338466f&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%22ddb306f%22%2C%22guid%22%3A%228267eba5-8ec0-133a-4d0f-90fad2415842%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22persistent%22%3Afalse%2C%22playerDepth%22%3A481%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_c6023900-b922-49b4-8cb0-792b146a01d4_similar2-3%22%2C%22recStrategy%22%3A%22similar2_3%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.14.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-14-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 23:59:36 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

POST
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Ping
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatvideo.js Show response
z.moatads.com/condenastjsvideocontent160527792519/ Frame 4E6F 303 KB
102 KB 37ms
37ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/condenastjsvideocontent160527792519/moatvideo.js
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49ce0b9309f3549eff7156c661425c49e8f080f49c76feb6507549520c6fbe56

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:35 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 15:17:11 GMT
server: AmazonS3
x-amz-request-id: WRBWQ6T85G351TGQ
etag: "0a51abc36b918c69623fdf2fa661c897"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=39918
accept-ranges: bytes
content-length: 104042
x-amz-id-2: o5hx3zsWbTaXdd7fgS0R1HJ52CGxg3ToKaHLmryRK2Oe/hvIdMhsIik/jZTthhHrcZt+PWsLblM=

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 4E6F 48 B
48 B 98ms
98ms Image
image/gif 3.223.14.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-04-25T23%3A59%3A35.892Z&_c=Video%20Ad&_t=Ad%20Call%20Made&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fsitrep-boeing-707&cId=604b9ee038d06931f218aaca&cKe=sitrep%2Cboeing%2Cboeing%20707&cPd=2021-03-16T15%3A00%3A00%2B00%3A00&cTi=Sitrep%3A%20Boeing%20707&cTy=%2F3379%2Fconde.ars%2Fplayer%2Finformation-technology%2Farticle&mDu=150&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pID=87f69aff-c8b4-4807-b9de-3ca04c84fcaf&pWw=540&pWh=303.75&sID=eaf4b48a-1691-41a8-89c8-b724a71460e3&uId=6b4bb62e-fad2-4bc1-b4e4-206e940eb385&xid=47a4bb5d-117c-4fdb-a669-ed083338466f&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%22ddb306f%22%2C%22guid%22%3A%2286764a6-4588-95fa-232f-86d58aa3f3fa%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22manual%22%2C%22persistent%22%3Afalse%2C%22playerDepth%22%3A4221.96875%2C%22playerType%22%3A%22video-continuous%22%2C%22playsOnPage%22%3A1%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3Anull%2C%22recStrategy%22%3Anull%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22OUT_OF_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.14.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-14-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 23:59:36 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1526498352/arstechnica_first-look-xbox-adaptive-controller.jpg

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

e2a3ed764a3ef9095592b793ec54285a79e5e9b520acd11570f0ee3fd075c02b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Origin: https://arstechnica.com
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 41
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:55 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-25T01:04:21.151Z;desc=hit,rtt;dur=1
Content-Length: 37145
Last-Modified: Thu, 17 May 2018 06:32:13 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "3e12d7e6e822633bb473e25c1b40018f"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: hsCDawaedBUsx0A5_-xmaL0owwEL_Exn9dTYR-OBVDaQVAUB8Z52hQ==

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1526498352/arstechnica_first-look-xbox-adaptive-controller.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-40.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

e2a3ed764a3ef9095592b793ec54285a79e5e9b520acd11570f0ee3fd075c02b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 40
X-Cache: Hit from cloudfront
Date: Sun, 25 Apr 2021 23:58:55 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-04-25T01:04:21.151Z;desc=hit,rtt;dur=1
Content-Length: 37145
Last-Modified: Thu, 17 May 2018 06:32:13 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "3e12d7e6e822633bb473e25c1b40018f"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 5aj_NX7gq-ihXvkVUnllDrYn1zhM-I0QT3ulpjYcjbe0yCaanPc5ew==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 34ms
34ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CONDEVIDEOCONTENT1&hp=1&wf=1&pxm=3&vz=-&zp=0&vb=7&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=8&f=0&j=&t=1619395175948&de=791793625018&m=0&ar=e4967b0-clean&iw=a0753d6&q=3&cb=0&ym=0&cu=1619395175948&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=First%20Look_%20Xbox%20Adaptive%20Controller%3A%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&zMoatVideoId=5afc7010841c4b6e41000001&zMoatAP=true&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&id=1&ii=4&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&gw=condenastjsvideocontent160527792519&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A941%3A941%3A0%3A1164&fs=189983&na=50923249&cs=0
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 25 Apr 2021 23:59:36 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 34ms
33ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CONDEVIDEOCONTENT1&hp=1&wf=1&pxm=3&vz=-&zp=0&vb=7&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=8&f=0&j=&t=1619395175983&de=546793074747&m=0&ar=e4967b0-clean&iw=a0753d6&q=6&cb=0&ym=0&cu=1619395175983&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=Sitrep_%20Boeing%20707%3A%2F3379%2Fconde.ars%2Fplayer%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&zMoatVideoId=604b9ee038d06931f218aaca&zMoatAP=-&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&id=1&ii=4&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&gw=condenastjsvideocontent160527792519&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A941%3A941%3A0%3A1164&fs=189983&na=690867971&cs=0
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 25 Apr 2021 23:59:36 GMT

GET
H3-29 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame BEBA 0
23 B 33ms
19ms XHR
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?slotname=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&sz=640x360%7C480x70&ciu_szs=300x60&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.45.0%26ctx_page_slug%3Dbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%26cnt_tags%3Dexploits%252Cmicrosoft-3%252Coffice%252Cvulnerabilities%252Cword%252Czeroday%26cnt_copilotid%3D%26vnd_prx_segments%3D999998%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_usr_topics%3D%26ctx_line_items%3D%26timeout%3D500%26height%3D155%26muted%3D1%26right_rail%3D0%26sensitive%3D0%26width%3D276&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Ffirst-look-xbox-adaptive-controller&vad_type=linear&vpos=preroll&pod=1&pmnd=0&pmxd=30000&pmad=2&vrid=1187211&ppid=47a4bb5d117c4fdba669ed083338466f&correlator=1648799444734884&cmsid=1495&video_doc_id=5afc7010841c4b6e41000001&kfa=0&tfcd=0&sdkv=h.3.453.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=3211474126&sdk_apis=2%2C8&sid=E1F23C36-61FC-4653-A475-ADDB2993D3AE&eid=44739826&dlt=1619395173981&idt=1929&dt=1619395176369&scor=3309035250508855&ged=ve4_td2_tt0_pd2_la2000_er636.1082.789.1382_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:36 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame AFC0 0
23 B 19ms
18ms XHR
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?slotname=%2F3379%2Fconde.ars%2Fplayer%2Finformation-technology%2Farticle&sz=640x480%7C480x70&ciu_szs=300x60&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.45.0%26ctx_page_slug%3Dbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%26cnt_tags%3Dexploits%252Cmicrosoft-3%252Coffice%252Cvulnerabilities%252Cword%252Czeroday%26cnt_copilotid%3D%26vnd_prx_segments%3D999998%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_usr_topics%3D%26ctx_line_items%3D%26height%3D304%26muted%3D0%26right_rail%3D0%26sensitive%3D0%26width%3D540&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fsitrep-boeing-707&vad_type=linear&vpos=preroll&pod=1&pmnd=0&pmxd=30000&pmad=2&vrid=1187211&ppid=47a4bb5d117c4fdba669ed083338466f&correlator=2729266894860967&cmsid=1495&video_doc_id=604b9ee038d06931f218aaca&kfa=0&tfcd=0&sdkv=h.3.453.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=1550838534&sdk_apis=2%2C8&sid=40975F96-5692-455B-B05E-285922FD451A&eid=44739826&dlt=1619395174121&idt=1719&dt=1619395176390&scor=2901282003333305&ged=ve4_td2_tt0_pd2_la2000_er4526.350.4679.650_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:36 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame E294 48 B
48 B 100ms
100ms Image
image/gif 3.223.14.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-04-25T23%3A59%3A36.414Z&_c=Video%20Ad&_t=DFP%20Ad%20Error%20adLoadError%2C%20UNKNOWN_AD_RESPONSE%2C%20The%20ad%20response%20was%20not%20understood%20and%20cannot%20be%20parsed.%2C%20null&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Ffirst-look-xbox-adaptive-controller&cId=5afc7010841c4b6e41000001&cKe=console%2Ccontrollers%2Cars%20technica%2Cars&cPd=2018-05-17T05%3A00%3A00%2B00%3A00&cTi=First%20Look%3A%20Xbox%20Adaptive%20Controller&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=233&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pID=87f69aff-c8b4-4807-b9de-3ca04c84fcaf&pWw=276&pWh=155.25&sID=eaf4b48a-1691-41a8-89c8-b724a71460e3&uId=6b4bb62e-fad2-4bc1-b4e4-206e940eb385&xid=47a4bb5d-117c-4fdb-a669-ed083338466f&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%22ddb306f%22%2C%22guid%22%3A%228267eba5-8ec0-133a-4d0f-90fad2415842%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22persistent%22%3Afalse%2C%22playerDepth%22%3A481%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_c6023900-b922-49b4-8cb0-792b146a01d4_similar2-3%22%2C%22recStrategy%22%3A%22similar2_3%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.14.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-14-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 23:59:36 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

POST
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Ping
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 6c372966-5d44-4560-b644-bcf60dbf1c50cc.vtt Show response
dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/ Frame E294 6 KB
7 KB 401ms
401ms XHR
text/vtt 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/6c372966-5d44-4560-b644-bcf60dbf1c50cc.vtt
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2db566008354079e5f1a0618d48ee5f8a643725875d6dc65751b29db3209abe4

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:37 GMT
Via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
Vary: Origin
X-Amz-Cf-Pop: FRA2-C2
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 6654
Last-Modified: Wed, 16 May 2018 20:22:36 GMT
Server: AmazonS3
ETag: "204c20995d85128a40693cf81517ddd2"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: text/vtt; charset=utf-8
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Amz-Cf-Id: Q7pHTqIPBMUq0mUOuZkbs-r-sK0zP_mY9ler8f_5MIFka7OhBB1Fyw==

GET
H2 200 /
www.facebook.com/tr/ Frame E294 44 B
364 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1663130473914833&ev=Start&dl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&rl=&if=true&ts=1619395176423&cd[brand]=arstechnica&cd[url]=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&cd[category]=Video%20View&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1619395176421.338818193&it=1619395175713&coo=false&rqm=GET

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 25 Apr 2021 23:59:36 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 35ms
35ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&pxm=3&vz=-&zp=0&vb=7&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&i=CONDEVIDEOCONTENT1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&confidence=2&pcode=condenastprebidheader987326845656&ql=&qo=0&bq=8&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=155&w=276&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&id=1&ii=4&f=0&j=&t=1619395175948&de=791793625018&cu=1619395175948&m=505&ar=e4967b0-clean&iw=a0753d6&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5470&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A941%3A941%3A0%3A1164&as=0&ag=46&an=0&gf=46&gg=0&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=46&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=482&cd=0&ah=482&am=0&dq=91&dr=0&ds=91&dt=0&zx=0&tb=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&rf=0&re=0&cl=0&at=0&d=First%20Look_%20Xbox%20Adaptive%20Controller%3A%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5afc7010841c4b6e41000001&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=1928906038&cs=0
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 25 Apr 2021 23:59:36 GMT

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame E294 48 B
48 B 99ms
98ms Image
image/gif 3.223.14.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-04-25T23%3A59%3A36.459Z&_c=Video%20View&_t=Content%20Start&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Ffirst-look-xbox-adaptive-controller&cId=5afc7010841c4b6e41000001&cKe=console%2Ccontrollers%2Cars%20technica%2Cars&cPd=2018-05-17T05%3A00%3A00%2B00%3A00&cTi=First%20Look%3A%20Xbox%20Adaptive%20Controller&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=233&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pID=87f69aff-c8b4-4807-b9de-3ca04c84fcaf&pWw=276&pWh=155.25&sID=eaf4b48a-1691-41a8-89c8-b724a71460e3&uId=6b4bb62e-fad2-4bc1-b4e4-206e940eb385&xid=47a4bb5d-117c-4fdb-a669-ed083338466f&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%22ddb306f%22%2C%22guid%22%3A%228267eba5-8ec0-133a-4d0f-90fad2415842%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22persistent%22%3Afalse%2C%22playerDepth%22%3A481%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_c6023900-b922-49b4-8cb0-792b146a01d4_similar2-3%22%2C%22recStrategy%22%3A%22similar2_3%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.14.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-14-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 23:59:36 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame E294 48 B
48 B 110ms
98ms Image
image/gif 3.223.14.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-04-25T23%3A59%3A36.461Z&_c=Video%20View&_t=Any%20Start&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Ffirst-look-xbox-adaptive-controller&cId=5afc7010841c4b6e41000001&cKe=console%2Ccontrollers%2Cars%20technica%2Cars&cPd=2018-05-17T05%3A00%3A00%2B00%3A00&cTi=First%20Look%3A%20Xbox%20Adaptive%20Controller&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=233&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pID=87f69aff-c8b4-4807-b9de-3ca04c84fcaf&pWw=276&pWh=155.25&sID=eaf4b48a-1691-41a8-89c8-b724a71460e3&uId=6b4bb62e-fad2-4bc1-b4e4-206e940eb385&xid=47a4bb5d-117c-4fdb-a669-ed083338466f&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%22ddb306f%22%2C%22guid%22%3A%228267eba5-8ec0-133a-4d0f-90fad2415842%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22persistent%22%3Afalse%2C%22playerDepth%22%3A481%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_c6023900-b922-49b4-8cb0-792b146a01d4_similar2-3%22%2C%22recStrategy%22%3A%22similar2_3%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.14.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-14-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 23:59:36 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 4E6F 48 B
48 B 157ms
98ms Image
image/gif 3.223.14.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-04-25T23%3A59%3A36.470Z&_c=Video%20Ad&_t=DFP%20Ad%20Error%20adLoadError%2C%20UNKNOWN_AD_RESPONSE%2C%20The%20ad%20response%20was%20not%20understood%20and%20cannot%20be%20parsed.%2C%20null&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fsitrep-boeing-707&cId=604b9ee038d06931f218aaca&cKe=sitrep%2Cboeing%2Cboeing%20707&cPd=2021-03-16T15%3A00%3A00%2B00%3A00&cTi=Sitrep%3A%20Boeing%20707&cTy=%2F3379%2Fconde.ars%2Fplayer%2Finformation-technology%2Farticle&mDu=150&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pID=87f69aff-c8b4-4807-b9de-3ca04c84fcaf&pWw=540&pWh=303.75&sID=eaf4b48a-1691-41a8-89c8-b724a71460e3&uId=6b4bb62e-fad2-4bc1-b4e4-206e940eb385&xid=47a4bb5d-117c-4fdb-a669-ed083338466f&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%22ddb306f%22%2C%22guid%22%3A%2286764a6-4588-95fa-232f-86d58aa3f3fa%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22manual%22%2C%22persistent%22%3Afalse%2C%22playerDepth%22%3A4221.96875%2C%22playerType%22%3A%22video-continuous%22%2C%22playsOnPage%22%3A1%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3Anull%2C%22recStrategy%22%3Anull%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22OUT_OF_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.14.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-14-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 23:59:36 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK 6c372966-5d44-4560-b644-bcf60dbf1c50file-1422k-128-48000-768-00002.ts Show response
dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/ Frame E294 653 KB
643 KB 36ms
35ms XHR
application/x-mpegurl 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/6c372966-5d44-4560-b644-bcf60dbf1c50file-1422k-128-48000-768-00002.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 783f4da7225e90e70e7bc0716906b5d36009977a745622092b05c5ec64fb4576

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 19:34:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 15898
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 May 2018 18:05:06 GMT
Server: AmazonS3
ETag: W/"ba091ed71d6f8fdda9b64c7aa8455e07"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: VFjlQwofDBhdrogc4fdr4OALr1VjLVq74bWYeVI3ueFJbP7-4fIBcA==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 34ms
33ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=29&q=0&hp=1&wf=1&pxm=3&vz=-&zp=0&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDEVIDEOCONTENT1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&confidence=2&pcode=condenastprebidheader987326845656&ql=&qo=0&bq=8&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=155&w=276&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&id=1&ii=4&f=0&j=&t=1619395175948&de=791793625018&cu=1619395175948&m=509&ar=e4967b0-clean&iw=a0753d6&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5470&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A941%3A941%3A0%3A1164&as=0&ag=46&an=46&gf=46&gg=46&ez=1&aj=1&pg=100&pf=100&ib=0&cc=0&bw=46&bx=46&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=482&cd=482&ah=482&am=482&dq=91&dr=91&ds=91&dt=91&zx=0&tb=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ef=1&rf=0&re=0&cl=0&at=0&d=First%20Look_%20Xbox%20Adaptive%20Controller%3A%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5afc7010841c4b6e41000001&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=1851553694&cs=0
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 25 Apr 2021 23:59:36 GMT

GET
H/1.1 200
OK 6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920.m3u8 Show response
dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/ Frame E294 3 KB
932 B 74ms
74ms XHR
application/x-mpegurl 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920.m3u8?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa4e86d31adc5fdcd90367b8f17abb13c38c047f9cc68a5ea3bda9eb4b6c3ea4

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 07:52:47 GMT
Content-Encoding: gzip
Vary: Origin
Age: 58010
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 May 2018 18:05:21 GMT
Server: AmazonS3
ETag: W/"9bee369d1e5e68d315f56d3c4665ee7b"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: W_bxV-eIaD4HP0rf8CGEIa_JUyicECjj_ly5tzdw66reH93ypPGKQw==

GET
H/1.1 200
OK 6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920-00002.ts Show response
dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/ Frame E294 2 MB
2 MB 31ms
31ms XHR
application/x-mpegurl 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920-00002.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e342ba4192c4e8e42594972a79fba3001d9522cf229cb626165112ecf1e0c780

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 01:04:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 82509
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 May 2018 18:05:20 GMT
Server: AmazonS3
ETag: W/"2c198507695e0b926f1203e031e08615"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: wRZ6GetYnhS72NDOKa7ILBeN5andx7_j12QzOp7rWJDwJ9t6x002Ug==

GET
H/1.1 200
OK 6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920-00003.ts Show response
dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/ Frame E294 2 MB
2 MB 32ms
32ms XHR
application/x-mpegurl 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920-00003.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d7e993404ea0eb6a639bdc7aaa99146ae8881a4e16358c5705222ed935ab797

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 07:52:48 GMT
Content-Encoding: gzip
Vary: Origin
Age: 58009
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 May 2018 18:05:19 GMT
Server: AmazonS3
ETag: W/"2d34ab7b80fb0ad15ac49a851d120044"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: 798Jzvi1fJmliWwpMyGgE3GZUF0CCqKAgiicvUEWu2bRawmpQcEAzA==

GET
H/1.1 200
OK 6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920-00004.ts Show response
dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/ Frame E294 2 MB
2 MB 31ms
31ms XHR
application/x-mpegurl 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920-00004.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7bd59c7fd301dc3b478f770485754e41657fdba2f6bd27aa6ebb10a395df810a

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 04:20:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 70763
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 May 2018 18:05:19 GMT
Server: AmazonS3
ETag: W/"36a04b140b0ee8310c28a042c9033876"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: d0GS09nGFicSLRik30jWX_SQXgaCM-cgkhN07tNDkD5husz-1RmIVg==

GET
H/1.1 200
OK 6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920-00005.ts Show response
dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/ Frame E294 2 MB
2 MB 31ms
30ms XHR
application/x-mpegurl 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920-00005.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9eb8b71832c6fc25fb3abc89b63da08d83fd74e2f57e76a5754067fac2c8d986

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 04:20:15 GMT
Content-Encoding: gzip
Vary: Origin
Age: 70761
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 May 2018 18:05:21 GMT
Server: AmazonS3
ETag: W/"a9b0ea7f1478cc5cb437e83707c14833"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: dR9KkvzGhjrMYi-JY7keo88-xycTSZntU_JpAAHQXb4pcIpgRY5Qsg==

GET
H/1.1 200
OK 6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920-00006.ts Show response
dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/ Frame E294 2 MB
2 MB 32ms
32ms XHR
application/x-mpegurl 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920-00006.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95c1b9876c9ddf01e908be9af54bcc94b39203dcf85418dc39792b7e1b9b3907

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 01:04:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 82508
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 May 2018 18:05:19 GMT
Server: AmazonS3
ETag: W/"66169594db46b7bd28280280955c295a"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: N7z408wZbaq7cQfUBM3GKhgZLa879RxrH8OEYxcLUsMszk_u2tjP5w==

GET
H/1.1 200
OK usersync Show response
usersync.getpublica.com/ Frame 0EF2 0
198 B 645ms
99ms Document
text/plain 3.221.88.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=1---
Requested by: Host: sync.getpublica.com
URL: https://sync.getpublica.com/sync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.88.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: usersync.getpublica.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://arstechnica.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Expires: 0
Pragma: no-cache
Vary: Origin
Date: Sun, 25 Apr 2021 23:59:37 GMT
Content-Length: 0

GET
H/1.1 200
OK usersync Show response
usersync.getpublica.com/ Frame A6C9 0
198 B 740ms
98ms Document
text/plain 3.221.88.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=1---
Requested by: Host: sync.getpublica.com
URL: https://sync.getpublica.com/sync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.88.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: usersync.getpublica.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://arstechnica.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Expires: 0
Pragma: no-cache
Vary: Origin
Date: Sun, 25 Apr 2021 23:59:37 GMT
Content-Length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 34ms
33ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&pxm=3&vz=-&zp=0&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDEVIDEOCONTENT1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&confidence=2&pcode=condenastprebidheader987326845656&ql=&qo=0&vf=1&vg=100&bq=8&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=155&w=276&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&id=1&ii=4&f=0&j=&t=1619395175948&de=791793625018&cu=1619395175948&m=1623&ar=e4967b0-clean&iw=a0753d6&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5470&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A941%3A941%3A0%3A1164&as=1&ag=1171&an=46&gi=1&gf=1171&gg=46&ez=1&kw=1407&aj=1&pg=100&pf=100&ib=0&dw=1&cc=1&bw=1171&bx=46&jz=1407&dj=1&dx=1&aa=1&ad=1070&cn=0&gn=1&gk=1070&gl=0&cp=1407&cq=1&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1407&cd=482&ah=1407&am=482&dq=1016&dr=91&ds=1016&dt=91&zx=0&tb=0&vm=1&vl=0&vt=0&vd=0&zMoatSRE=0.02228125&zMoatVSD=233&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4327&ef=1&rf=0&re=0&cl=0&at=0&d=First%20Look_%20Xbox%20Adaptive%20Controller%3A%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5afc7010841c4b6e41000001&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=963047778&cs=0
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 25 Apr 2021 23:59:37 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 34ms
33ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&pxm=3&vz=-&zp=0&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDEVIDEOCONTENT1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&confidence=2&pcode=condenastprebidheader987326845656&ql=&qo=0&vf=1&vg=100&bq=8&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=155&w=276&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&id=1&ii=4&f=0&j=&t=1619395175948&de=791793625018&cu=1619395175948&m=1625&ar=e4967b0-clean&iw=a0753d6&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5470&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A941%3A941%3A0%3A1164&as=1&ag=1171&an=1171&gi=1&gf=1171&gg=1171&ez=1&kw=1407&aj=1&pg=100&pf=100&ib=0&dw=1&cc=1&bw=1171&bx=1171&jz=1407&dj=1&dx=1&aa=1&ad=1070&cn=1070&gn=1&gk=1070&gl=1070&cp=1407&cq=1&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1407&cd=1407&ah=1407&am=1407&dq=1016&dr=1016&ds=1016&dt=1016&zx=0&tb=0&vm=1&vl=0&vt=0&vd=0&zMoatSRE=0.02228125&zMoatVSD=233&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4327&ef=1&rf=0&re=0&cl=0&at=0&d=First%20Look_%20Xbox%20Adaptive%20Controller%3A%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5afc7010841c4b6e41000001&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=847043198&cs=0
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 25 Apr 2021 23:59:37 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
155 B 26ms
25ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1409

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Apr 2021 23:59:37 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ 0
407 B 38ms
37ms XHR
application/javascript 52.18.54.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=3egfyfq&fmt=json
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.54.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-54-41.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Apr 2021 23:59:37 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://arstechnica.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0
expires: Mon, 25 Apr 2022 23:59:37 GMT

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame F153 668 B
732 B 29ms
27ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 34271931464435bcfe56d886bf48ed84557081e0113f926914624b4785bee6a9

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://arstechnica.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=64480e4f-53af-0618-2619-8cfdd14fce82|1619395174
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=64480e4f-53af-0618-2619-8cfdd14fce82|1619395174; Version=1; Expires=Mon, 25-Apr-2022 23:59:37 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1619395177|gekin0vNiygu; Version=1; Expires=Mon, 10-May-2021 23:59:37 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.205.4
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 25 Apr 2021 23:59:37 GMT
content-type: text/html
content-length: 419
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 5331 22 KB
8 KB 85ms
84ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C171%2C251%2C273%2C175%2C132%2C178%2C3018%2C3017%2C159%2C214%2C3015%2C97%2C77%2C99%2C56%2C3012%2C182%2C3010%2C184%2C261%2C141%2C188%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C225%2C226%2C10000%2C80%2C108%2C229%2C9&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

bd01deda7afdc1eb184dd3e647ebf9d285447bf3d967bc72fd6aa82e67920b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C171%2C251%2C273%2C175%2C132%2C178%2C3018%2C3017%2C159%2C214%2C3015%2C97%2C77%2C99%2C56%2C3012%2C182%2C3010%2C184%2C261%2C141%2C188%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C225%2C226%2C10000%2C80%2C108%2C229%2C9&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://arstechnica.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Wed, 27 Oct 2021 23:59:37 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Tue, 27 Apr 2021 23:59:37 GMT
date: Sun, 25 Apr 2021 23:59:37 GMT
content-length: 8097

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7811 52 KB
17 KB 91ms
29ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://arstechnica.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgI_rtmEAoYAiACKAIw5YSYhAY4AkACSAIQ5YSYhAYYAQ..; uuid2=7484511246760294868
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 21 Apr 2021 04:57:41 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 25 Apr 2021 23:59:37 GMT
Age: 68508
X-Served-By: cache-lga21951-LGA, cache-fra19152-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 426326
X-Timer: S1619395178.749800,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 978E 2 KB
1 KB 39ms
39ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://arstechnica.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Sun, 25 Apr 2021 23:59:37 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 17D8 52 KB
17 KB 90ms
29ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://arstechnica.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgI_rtmEAoYAiACKAIw5YSYhAY4AkACSAIQ5YSYhAYYAQ..; uuid2=7484511246760294868
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 21 Apr 2021 04:57:41 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 25 Apr 2021 23:59:37 GMT
Age: 68508
X-Served-By: cache-lga21951-LGA, cache-fra19161-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 444752
X-Timer: S1619395178.750234,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 57AA 2 KB
1 KB 78ms
39ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://arstechnica.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Sun, 25 Apr 2021 23:59:37 GMT
Connection: keep-alive

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame A716 668 B
720 B 29ms
28ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 34271931464435bcfe56d886bf48ed84557081e0113f926914624b4785bee6a9

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://arstechnica.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=64480e4f-53af-0618-2619-8cfdd14fce82|1619395174
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=64480e4f-53af-0618-2619-8cfdd14fce82|1619395174; Version=1; Expires=Mon, 25-Apr-2022 23:59:37 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1619395177|gekin0vNiygu; Version=1; Expires=Mon, 10-May-2021 23:59:37 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.205.4
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 25 Apr 2021 23:59:37 GMT
content-type: text/html
content-length: 419
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2B52 52 KB
17 KB 92ms
31ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://arstechnica.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgI_rtmEAoYAiACKAIw5YSYhAY4AkACSAIQ5YSYhAYYAQ..; uuid2=7484511246760294868
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 21 Apr 2021 04:57:41 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 25 Apr 2021 23:59:37 GMT
Age: 68508
X-Served-By: cache-lga21951-LGA, cache-fra19144-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 440528
X-Timer: S1619395178.755180,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1CCD 281 B
554 B 338ms
29ms Document
text/html 184.30.212.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://arstechnica.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhLLetiyBpIpb0Ow58ruqWPWnoQ6qVZbmJiY/FKQautD3GB2TGFkanCHmRGFiu9xwHiF41qy8pecDeQU51/D/GCqlBO6qTSL/aNjCUbuzdxX9hUy4=; ses15=; ses2=; vis2=307072^1; khaos=KNXU2P3M-24-H7HF; vis15=307072^2; audit=1|0o8zzNO5o4apOgyIhu/SlihtT5ScaOAAxoLpw+AgQP7+rvwdh0+7y5G5ZVIlGd9LkDRkS4UBemWAF7qA5WC/AAkoGMUMgRhT
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 25 Apr 2021 23:59:38 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 9A88 2 KB
1 KB 96ms
33ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://arstechnica.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Sun, 25 Apr 2021 23:59:37 GMT
Connection: keep-alive

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 7DC5 668 B
720 B 28ms
27ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 34271931464435bcfe56d886bf48ed84557081e0113f926914624b4785bee6a9

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://arstechnica.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=64480e4f-53af-0618-2619-8cfdd14fce82|1619395174
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=64480e4f-53af-0618-2619-8cfdd14fce82|1619395174; Version=1; Expires=Mon, 25-Apr-2022 23:59:37 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1619395177|gekin0vNiygu; Version=1; Expires=Mon, 10-May-2021 23:59:37 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.205.4
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 25 Apr 2021 23:59:37 GMT
content-type: text/html
content-length: 419
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 59CF 22 KB
8 KB 88ms
88ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

bd01deda7afdc1eb184dd3e647ebf9d285447bf3d967bc72fd6aa82e67920b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C171%2C251%2C273%2C175%2C132%2C178%2C3018%2C3017%2C159%2C214%2C3015%2C97%2C77%2C99%2C56%2C3012%2C182%2C3010%2C184%2C261%2C141%2C188%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C225%2C226%2C10000%2C80%2C108%2C229%2C9&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://arstechnica.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Wed, 27 Oct 2021 23:59:37 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Tue, 27 Apr 2021 23:59:37 GMT
date: Sun, 25 Apr 2021 23:59:37 GMT
content-length: 8097

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame C539 22 KB
8 KB 69ms
69ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1619394923

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

bd01deda7afdc1eb184dd3e647ebf9d285447bf3d967bc72fd6aa82e67920b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C171%2C251%2C273%2C175%2C132%2C178%2C3018%2C3017%2C159%2C214%2C3015%2C97%2C77%2C99%2C56%2C3012%2C182%2C3010%2C184%2C261%2C141%2C188%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C225%2C226%2C10000%2C80%2C108%2C229%2C9&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://arstechnica.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Wed, 27 Oct 2021 23:59:37 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Tue, 27 Apr 2021 23:59:37 GMT
date: Sun, 25 Apr 2021 23:59:37 GMT
content-length: 8097

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame F153
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c1116086-0269-4500-a2a4-361a6e7246bb

43 B
106 B

27ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c1116086-0269-4500-a2a4-361a6e7246bb
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:37 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 25 Apr 2021 23:59:34 GMT
Server: MT3 3660 495c301 master zrh-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c1116086-0269-4500-a2a4-361a6e7246bb
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 25 Apr 2021 23:59:33 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F153
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=zxda08kVVNzURVPRz0JP18wSVIfUFVvTzhS_54g5

43 B
106 B

29ms
28ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=zxda08kVVNzURVPRz0JP18wSVIfUFVvTzhS_54g5
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:37 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=zxda08kVVNzURVPRz0JP18wSVIfUFVvTzhS_54g5
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame F153
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4570243549238492708

43 B
106 B

27ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4570243549238492708
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4570243549238492708
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame F153 70 B
264 B 38ms
36ms Image
image/gif 52.18.54.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=b7e43116-fa28-39ef-7ccf-4415b568fd7f&gdpr=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.54.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-54-41.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F153
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWI4YmUyZGMtMzM1Zi02NzRiLTY5MmYtMWVhYzdmOGEzMzFm
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWI4YmUyZGMtMzM1Zi02NzRiLTY5MmYtMWVhYzdmOGEzMzFm&google_tc=

170 B
188 B

73ms
37ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWI4YmUyZGMtMzM1Zi02NzRiLTY5MmYtMWVhYzdmOGEzMzFm&google_tc=

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWI4YmUyZGMtMzM1Zi02NzRiLTY5MmYtMWVhYzdmOGEzMzFm&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F153
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKKSFdEZ6xmXBwrHOk24ajY&google_cver=1

43 B
106 B

27ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKKSFdEZ6xmXBwrHOk24ajY&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKKSFdEZ6xmXBwrHOk24ajY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A716
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ecc96086-0269-4e00-88c5-f64139849007

43 B
106 B

27ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ecc96086-0269-4e00-88c5-f64139849007
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:37 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 25 Apr 2021 23:59:35 GMT
Server: MT3 3660 495c301 master zrh-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ecc96086-0269-4e00-88c5-f64139849007
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 25 Apr 2021 23:59:34 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A716
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=hZxNgoOeQ42ezkSN0p1Yg4vIQIeeyk2Ei5U4_h1B

43 B
122 B

27ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=hZxNgoOeQ42ezkSN0p1Yg4vIQIeeyk2Ei5U4_h1B
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:37 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=hZxNgoOeQ42ezkSN0p1Yg4vIQIeeyk2Ei5U4_h1B
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A716
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5308246646932714119

43 B
106 B

26ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5308246646932714119
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5308246646932714119
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame A716 70 B
264 B 39ms
36ms Image
image/gif 52.18.54.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=b7e43116-fa28-39ef-7ccf-4415b568fd7f&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.54.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-54-41.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame A716
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWI4YmUyZGMtMzM1Zi02NzRiLTY5MmYtMWVhYzdmOGEzMzFm
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWI4YmUyZGMtMzM1Zi02NzRiLTY5MmYtMWVhYzdmOGEzMzFm&google_tc=

170 B
188 B

74ms
38ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWI4YmUyZGMtMzM1Zi02NzRiLTY5MmYtMWVhYzdmOGEzMzFm&google_tc=

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWI4YmUyZGMtMzM1Zi02NzRiLTY5MmYtMWVhYzdmOGEzMzFm&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A716
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFtmYW5ePuF3o6KRbxMhG3I&google_cver=1

43 B
106 B

26ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFtmYW5ePuF3o6KRbxMhG3I&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFtmYW5ePuF3o6KRbxMhG3I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 7DC5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=77726086-0269-4600-b760-fbae01866115

43 B
106 B

27ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=77726086-0269-4600-b760-fbae01866115
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:37 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 25 Apr 2021 23:59:35 GMT
Server: MT3 3660 495c301 master zrh-pixel-x1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=77726086-0269-4600-b760-fbae01866115
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 25 Apr 2021 23:59:34 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7DC5
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=BJE2dgKTOHkfwz8hVpQjcVSUOyEfkzhwA8Ke0Odn

43 B
106 B

29ms
28ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=BJE2dgKTOHkfwz8hVpQjcVSUOyEfkzhwA8Ke0Odn
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:37 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=BJE2dgKTOHkfwz8hVpQjcVSUOyEfkzhwA8Ke0Odn
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 7DC5
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4994714157912175003

43 B
106 B

27ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4994714157912175003
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4994714157912175003
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 7DC5 70 B
264 B 38ms
37ms Image
image/gif 52.18.54.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=b7e43116-fa28-39ef-7ccf-4415b568fd7f&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.54.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-54-41.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7DC5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWI4YmUyZGMtMzM1Zi02NzRiLTY5MmYtMWVhYzdmOGEzMzFm
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWI4YmUyZGMtMzM1Zi02NzRiLTY5MmYtMWVhYzdmOGEzMzFm&google_tc=

170 B
188 B

74ms
38ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWI4YmUyZGMtMzM1Zi02NzRiLTY5MmYtMWVhYzdmOGEzMzFm&google_tc=

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWI4YmUyZGMtMzM1Zi02NzRiLTY5MmYtMWVhYzdmOGEzMzFm&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7DC5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIGFTXPPITZrHMLOOh2oGWQ&google_cver=1

43 B
106 B

27ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIGFTXPPITZrHMLOOh2oGWQ&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIGFTXPPITZrHMLOOh2oGWQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 85CC 54 B
326 B 173ms
37ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPFPBf3PFPBf3AcABBENBXCgAAAAAAAAAChQAAAAAAJBAGIAAoAHAAeABcAD4ALQAfABGACSAGIAP4AkQBXADNAG0AOIAcgA5wB1AD_AIGAQcAkQBPwChgGEAOqAh8BHoCQgErAJtAWEAugBdQC7QF5AMQAYsAyEBkYDKAGhANGAaUA1MBtADbgG6AOCCQVQAEAALgAoACoAGQAOAAeABAACIAGEANAA1AB5AEMARAAmABPgCqAKwAWAAuABvADmAHoAQgAhoBEAESAI6ASwBLgCaAFKALcAYYAyABlwDUANUAbIA7wB7AD4gH2AfoBAICLgIwARoAjgBKQCggFLAKeAVcAuYBfgDFAGsANoAbgA3gB6AD5AIbAQ6Ai8BIgCYgEygJsATsAocBSICxQFoALYAXIAu8BeYDAgGDAMJAYaAw8BkQDJAGTgMuAZyAz4BpADToGsAayGAKAALAAuAEYAJIAVQAxABvAGkANUAcQBLQDqAJCAUOAugBfQDFgGRgNCAboGgSgBWAC4AIYAZAAywBqADZAHYAPwAgABBQCMAFLAKeAVeAtAC0gGsAN4AdUA-QCGwEOgIqAReAkQBNgCdgFIgLkAYEAwkBh4DGAGTgM5AZ4Az4QAVAAWABcAGoARgAkgBVADEAG8AVwA1QBxAEiAJaAbgA3gCQgFDgLoAYsA0IBugiA-AFYALgAhgBkADLAGoANkAdgA_ACAAEYAKWAU8Aq4BrADqgHyAQ2Ah0BF4CRAE2AJ2AUiAuQBgQDCQGHgMnAZyAz4VAdAAoAEMAJgAXABHADLAGoAOwAfgBGACOAFLAKvAWgBaQDeAJBATEAmwBTYC2AFyALzAYEAw8BkQDOQGeAM-AbkKAHABiAGqANoAcQA5AB4AEFAJaAdUBHoC-gGaANCAa8MgNAAUACGAEwALgAjgBlgDUAHZAPsA_ACMAEcAKWAVcArYBvAExAJsAWiAtgBeYDAgGHgMiAZyAzwBnwwAaADUAMQA1QBtADiAHIAPAAloBYgDqgI9AXkA0IcBcAAEAAiABwAHgAXAA-AC0AHIAPwAggBGAC6AGQANAAfwBIgCdAFmAL4AZYAzQBpADVAG0AOIAcgA5wB1ADsAHcAQAAgYBBYCDgIQAREAkQBLQCbQE-AT8ApYBUAC2gF6gMAAwIBhADMgGsANeAbwA44B0gDqgHkAPkAhCBD4EQAI9ASFAlYCVwExAJlATaAoUBSACkwFMAKmAVUArYBXICuwFlALSAWoAuKBdAF1AL2AX0AwIBiADFgGQgMoAZeA0KBooGjANKAaaA1MBrwDaAG2ANuHQZgAFwAUABUADIAHAAQAAiABdADAAMYAaABqADwAH0AQwBEACYAE-AKoArABYAC4AF8AMQAZgA3gBzAD0AIQAQ0AiACJAEdAJYAmABNACjAFKALEAW8AwgDDAGQAMoAaIA1ABsgDfAHeAPaAfYB-gD_gIsAjABHICUgJUAUEAp4BVwCxQFoAWkAuYBdQC8gF-AMUAbQA3EB0wHUAPQAhsBDoCIgEVAIvASCAkQBKgCbAE7AKHAU0AqwBYoC0AFsALgAXIAu0Bd4C8wGDAMJAYaAw8BiQDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNOAawA2MgAwAAQAD8AIIAaAA_gCRAFuAL4AZYA1QBtADiAHIAOcAdgA8ACCgE-AKWAWIAwABhADMgG8AOqAdsBD4CPQEhAJXATEAm0BQoCkAFJgK2AXQAvIBewC-gGBAM0AaEA0UBpQDUwG2ANuIQPAAFgAUAAyACIAFwAMQAhgBMACqAFwAL4AYgAzABvAD0AI4AWIAwgBlADUAG-AO-AfYB-AD_AIwARwAlIBQQChgFPAKvAWgBaQC5gF-AMUAbQA6gB6AEggJEASoAmwBTQCxQFogLYAXAAuQBdoDDwGJAMiAZOAzkBngDPgGiANJAaWA4AkAjAAEAA4AC4AIQAcgBkADeAJEAXIAvgBlgDUAG0AO4AgABCQCWgE-AKgAa8A3gB1QD7AJWATaApMBZQC0gF7AL6AYiAxYBoQDSgG5EoHQACAAFgAUAAyABwAEUAMAAxAB4AEQAJgAVQAuABfADEAGYANoAhABDQCIAIkARwAowBSgC3AGEAMoAaoA2QB3gD8AIwARwAp4BV4C0ALSAXUAxQBuADqAHyAQ6AioBF4CRAE2ALFAWwAu0BeYDDwGRAMnAZYAzkBngDPgGkANYAcAUAigACAAuAB8AEIALQAcgA_ACMAFYAMgAbQA3gByAEcAJEAToAuQBfADLAGoANcAbQA4gBzgDqAHcAPAAgABBwCEgEVAJEAS0Am0BPgE_AKWAWIAuoBgADCAGKANeAbwA6oB2wDyAHyAP-Aj0BMQCZQE2gKQAUwAqYBXYC0AF0ALyAX0AwIBiwDQgGiANKAabA1IDUwGvAOCKQSgAFwAUABUADIAHAAQAAigBgAGMANAA1AB5AEMARAAmABPACkAFUALAAXAAvgBiADMAHMAQgAhoBEAESAKMAUoAsQBbgDCAGUANEAaoA2QB3wD7AP0AiwBGACOAEpAKCAUMAq4BWwC5gF5ANoAbgA9ACHQEXgJEATYAnYBQ4CmgFbALFAWwAuABcgC7QF5gMNAYeAxgBkQDJAGTgMuAZyAzwBn0DSANJgawBrIDYwAAA.YAAAAAAAAAAA&d=https://arstechnica.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Content-Length: 54
Expires: Sun, 25 Apr 2021 23:59:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 25 Apr 2021 23:59:37 GMT
Connection: keep-alive

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 9EBC 54 B
326 B 130ms
34ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPFPBf3PFPBf3AcABBENBXCgAAAAAAAAAChQAAAAAAJBAGIAAoAHAAeABcAD4ALQAfABGACSAGIAP4AkQBXADNAG0AOIAcgA5wB1AD_AIGAQcAkQBPwChgGEAOqAh8BHoCQgErAJtAWEAugBdQC7QF5AMQAYsAyEBkYDKAGhANGAaUA1MBtADbgG6AOCCQVQAEAALgAoACoAGQAOAAeABAACIAGEANAA1AB5AEMARAAmABPgCqAKwAWAAuABvADmAHoAQgAhoBEAESAI6ASwBLgCaAFKALcAYYAyABlwDUANUAbIA7wB7AD4gH2AfoBAICLgIwARoAjgBKQCggFLAKeAVcAuYBfgDFAGsANoAbgA3gB6AD5AIbAQ6Ai8BIgCYgEygJsATsAocBSICxQFoALYAXIAu8BeYDAgGDAMJAYaAw8BkQDJAGTgMuAZyAz4BpADToGsAayGAKAALAAuAEYAJIAVQAxABvAGkANUAcQBLQDqAJCAUOAugBfQDFgGRgNCAboGgSgBWAC4AIYAZAAywBqADZAHYAPwAgABBQCMAFLAKeAVeAtAC0gGsAN4AdUA-QCGwEOgIqAReAkQBNgCdgFIgLkAYEAwkBh4DGAGTgM5AZ4Az4QAVAAWABcAGoARgAkgBVADEAG8AVwA1QBxAEiAJaAbgA3gCQgFDgLoAYsA0IBugiA-AFYALgAhgBkADLAGoANkAdgA_ACAAEYAKWAU8Aq4BrADqgHyAQ2Ah0BF4CRAE2AJ2AUiAuQBgQDCQGHgMnAZyAz4VAdAAoAEMAJgAXABHADLAGoAOwAfgBGACOAFLAKvAWgBaQDeAJBATEAmwBTYC2AFyALzAYEAw8BkQDOQGeAM-AbkKAHABiAGqANoAcQA5AB4AEFAJaAdUBHoC-gGaANCAa8MgNAAUACGAEwALgAjgBlgDUAHZAPsA_ACMAEcAKWAVcArYBvAExAJsAWiAtgBeYDAgGHgMiAZyAzwBnwwAaADUAMQA1QBtADiAHIAPAAloBYgDqgI9AXkA0IcBcAAEAAiABwAHgAXAA-AC0AHIAPwAggBGAC6AGQANAAfwBIgCdAFmAL4AZYAzQBpADVAG0AOIAcgA5wB1ADsAHcAQAAgYBBYCDgIQAREAkQBLQCbQE-AT8ApYBUAC2gF6gMAAwIBhADMgGsANeAbwA44B0gDqgHkAPkAhCBD4EQAI9ASFAlYCVwExAJlATaAoUBSACkwFMAKmAVUArYBXICuwFlALSAWoAuKBdAF1AL2AX0AwIBiADFgGQgMoAZeA0KBooGjANKAaaA1MBrwDaAG2ANuHQZgAFwAUABUADIAHAAQAAiABdADAAMYAaABqADwAH0AQwBEACYAE-AKoArABYAC4AF8AMQAZgA3gBzAD0AIQAQ0AiACJAEdAJYAmABNACjAFKALEAW8AwgDDAGQAMoAaIA1ABsgDfAHeAPaAfYB-gD_gIsAjABHICUgJUAUEAp4BVwCxQFoAWkAuYBdQC8gF-AMUAbQA3EB0wHUAPQAhsBDoCIgEVAIvASCAkQBKgCbAE7AKHAU0AqwBYoC0AFsALgAXIAu0Bd4C8wGDAMJAYaAw8BiQDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNOAawA2MgAwAAQAD8AIIAaAA_gCRAFuAL4AZYA1QBtADiAHIAOcAdgA8ACCgE-AKWAWIAwABhADMgG8AOqAdsBD4CPQEhAJXATEAm0BQoCkAFJgK2AXQAvIBewC-gGBAM0AaEA0UBpQDUwG2ANuIQPAAFgAUAAyACIAFwAMQAhgBMACqAFwAL4AYgAzABvAD0AI4AWIAwgBlADUAG-AO-AfYB-AD_AIwARwAlIBQQChgFPAKvAWgBaQC5gF-AMUAbQA6gB6AEggJEASoAmwBTQCxQFogLYAXAAuQBdoDDwGJAMiAZOAzkBngDPgGiANJAaWA4AkAjAAEAA4AC4AIQAcgBkADeAJEAXIAvgBlgDUAG0AO4AgABCQCWgE-AKgAa8A3gB1QD7AJWATaApMBZQC0gF7AL6AYiAxYBoQDSgG5EoHQACAAFgAUAAyABwAEUAMAAxAB4AEQAJgAVQAuABfADEAGYANoAhABDQCIAIkARwAowBSgC3AGEAMoAaoA2QB3gD8AIwARwAp4BV4C0ALSAXUAxQBuADqAHyAQ6AioBF4CRAE2ALFAWwAu0BeYDDwGRAMnAZYAzkBngDPgGkANYAcAUAigACAAuAB8AEIALQAcgA_ACMAFYAMgAbQA3gByAEcAJEAToAuQBfADLAGoANcAbQA4gBzgDqAHcAPAAgABBwCEgEVAJEAS0Am0BPgE_AKWAWIAuoBgADCAGKANeAbwA6oB2wDyAHyAP-Aj0BMQCZQE2gKQAUwAqYBXYC0AF0ALyAX0AwIBiwDQgGiANKAabA1IDUwGvAOCKQSgAFwAUABUADIAHAAQAAigBgAGMANAA1AB5AEMARAAmABPACkAFUALAAXAAvgBiADMAHMAQgAhoBEAESAKMAUoAsQBbgDCAGUANEAaoA2QB3wD7AP0AiwBGACOAEpAKCAUMAq4BWwC5gF5ANoAbgA9ACHQEXgJEATYAnYBQ4CmgFbALFAWwAuABcgC7QF5gMNAYeAxgBkQDJAGTgMuAZyAzwBn0DSANJgawBrIDYwAAA.YAAAAAAAAAAA&d=https://arstechnica.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Content-Length: 54
Expires: Sun, 25 Apr 2021 23:59:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 25 Apr 2021 23:59:37 GMT
Connection: keep-alive

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 6779 54 B
326 B 136ms
37ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPFPBf3PFPBf3AcABBENBXCgAAAAAAAAAChQAAAAAAJBAGIAAoAHAAeABcAD4ALQAfABGACSAGIAP4AkQBXADNAG0AOIAcgA5wB1AD_AIGAQcAkQBPwChgGEAOqAh8BHoCQgErAJtAWEAugBdQC7QF5AMQAYsAyEBkYDKAGhANGAaUA1MBtADbgG6AOCCQVQAEAALgAoACoAGQAOAAeABAACIAGEANAA1AB5AEMARAAmABPgCqAKwAWAAuABvADmAHoAQgAhoBEAESAI6ASwBLgCaAFKALcAYYAyABlwDUANUAbIA7wB7AD4gH2AfoBAICLgIwARoAjgBKQCggFLAKeAVcAuYBfgDFAGsANoAbgA3gB6AD5AIbAQ6Ai8BIgCYgEygJsATsAocBSICxQFoALYAXIAu8BeYDAgGDAMJAYaAw8BkQDJAGTgMuAZyAz4BpADToGsAayGAKAALAAuAEYAJIAVQAxABvAGkANUAcQBLQDqAJCAUOAugBfQDFgGRgNCAboGgSgBWAC4AIYAZAAywBqADZAHYAPwAgABBQCMAFLAKeAVeAtAC0gGsAN4AdUA-QCGwEOgIqAReAkQBNgCdgFIgLkAYEAwkBh4DGAGTgM5AZ4Az4QAVAAWABcAGoARgAkgBVADEAG8AVwA1QBxAEiAJaAbgA3gCQgFDgLoAYsA0IBugiA-AFYALgAhgBkADLAGoANkAdgA_ACAAEYAKWAU8Aq4BrADqgHyAQ2Ah0BF4CRAE2AJ2AUiAuQBgQDCQGHgMnAZyAz4VAdAAoAEMAJgAXABHADLAGoAOwAfgBGACOAFLAKvAWgBaQDeAJBATEAmwBTYC2AFyALzAYEAw8BkQDOQGeAM-AbkKAHABiAGqANoAcQA5AB4AEFAJaAdUBHoC-gGaANCAa8MgNAAUACGAEwALgAjgBlgDUAHZAPsA_ACMAEcAKWAVcArYBvAExAJsAWiAtgBeYDAgGHgMiAZyAzwBnwwAaADUAMQA1QBtADiAHIAPAAloBYgDqgI9AXkA0IcBcAAEAAiABwAHgAXAA-AC0AHIAPwAggBGAC6AGQANAAfwBIgCdAFmAL4AZYAzQBpADVAG0AOIAcgA5wB1ADsAHcAQAAgYBBYCDgIQAREAkQBLQCbQE-AT8ApYBUAC2gF6gMAAwIBhADMgGsANeAbwA44B0gDqgHkAPkAhCBD4EQAI9ASFAlYCVwExAJlATaAoUBSACkwFMAKmAVUArYBXICuwFlALSAWoAuKBdAF1AL2AX0AwIBiADFgGQgMoAZeA0KBooGjANKAaaA1MBrwDaAG2ANuHQZgAFwAUABUADIAHAAQAAiABdADAAMYAaABqADwAH0AQwBEACYAE-AKoArABYAC4AF8AMQAZgA3gBzAD0AIQAQ0AiACJAEdAJYAmABNACjAFKALEAW8AwgDDAGQAMoAaIA1ABsgDfAHeAPaAfYB-gD_gIsAjABHICUgJUAUEAp4BVwCxQFoAWkAuYBdQC8gF-AMUAbQA3EB0wHUAPQAhsBDoCIgEVAIvASCAkQBKgCbAE7AKHAU0AqwBYoC0AFsALgAXIAu0Bd4C8wGDAMJAYaAw8BiQDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNOAawA2MgAwAAQAD8AIIAaAA_gCRAFuAL4AZYA1QBtADiAHIAOcAdgA8ACCgE-AKWAWIAwABhADMgG8AOqAdsBD4CPQEhAJXATEAm0BQoCkAFJgK2AXQAvIBewC-gGBAM0AaEA0UBpQDUwG2ANuIQPAAFgAUAAyACIAFwAMQAhgBMACqAFwAL4AYgAzABvAD0AI4AWIAwgBlADUAG-AO-AfYB-AD_AIwARwAlIBQQChgFPAKvAWgBaQC5gF-AMUAbQA6gB6AEggJEASoAmwBTQCxQFogLYAXAAuQBdoDDwGJAMiAZOAzkBngDPgGiANJAaWA4AkAjAAEAA4AC4AIQAcgBkADeAJEAXIAvgBlgDUAG0AO4AgABCQCWgE-AKgAa8A3gB1QD7AJWATaApMBZQC0gF7AL6AYiAxYBoQDSgG5EoHQACAAFgAUAAyABwAEUAMAAxAB4AEQAJgAVQAuABfADEAGYANoAhABDQCIAIkARwAowBSgC3AGEAMoAaoA2QB3gD8AIwARwAp4BV4C0ALSAXUAxQBuADqAHyAQ6AioBF4CRAE2ALFAWwAu0BeYDDwGRAMnAZYAzkBngDPgGkANYAcAUAigACAAuAB8AEIALQAcgA_ACMAFYAMgAbQA3gByAEcAJEAToAuQBfADLAGoANcAbQA4gBzgDqAHcAPAAgABBwCEgEVAJEAS0Am0BPgE_AKWAWIAuoBgADCAGKANeAbwA6oB2wDyAHyAP-Aj0BMQCZQE2gKQAUwAqYBXYC0AF0ALyAX0AwIBiwDQgGiANKAabA1IDUwGvAOCKQSgAFwAUABUADIAHAAQAAigBgAGMANAA1AB5AEMARAAmABPACkAFUALAAXAAvgBiADMAHMAQgAhoBEAESAKMAUoAsQBbgDCAGUANEAaoA2QB3wD7AP0AiwBGACOAEpAKCAUMAq4BWwC5gF5ANoAbgA9ACHQEXgJEATYAnYBQ4CmgFbALFAWwAuABcgC7QF5gMNAYeAxgBkQDJAGTgMuAZyAzwBn0DSANJgawBrIDYwAAA.YAAAAAAAAAAA&d=https://arstechnica.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Content-Length: 54
Expires: Sun, 25 Apr 2021 23:59:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 25 Apr 2021 23:59:37 GMT
Connection: keep-alive

GET
H3-29 200 /
www.facebook.com/tr/ Frame E294 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1663130473914833&ev=Microdata&dl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&rl=&if=true&ts=1619395177931&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1619395176421.338818193&it=1619395175713&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 25 Apr 2021 23:59:37 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1CCD 31 KB
9 KB 33ms
32ms Script
text/html 184.30.212.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ed2d993c35cd51826ee304739d91e554bd9faa1b120602fc4b3baa15941a9e35

Request headers

Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 23:59:38 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Apr 2021 20:34:13 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12840
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9242
Expires: Mon, 26 Apr 2021 03:33:38 GMT

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame E294 48 B
48 B 100ms
99ms Image
image/gif 3.223.14.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-04-25T23%3A59%3A38.459Z&_c=Player%20Event&_t=2%20Sec%20In-View%20Moat&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Ffirst-look-xbox-adaptive-controller&cId=5afc7010841c4b6e41000001&cKe=console%2Ccontrollers%2Cars%20technica%2Cars&cPd=2018-05-17T05%3A00%3A00%2B00%3A00&cTi=First%20Look%3A%20Xbox%20Adaptive%20Controller&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=233&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pID=87f69aff-c8b4-4807-b9de-3ca04c84fcaf&pWw=276&pWh=155.25&sID=eaf4b48a-1691-41a8-89c8-b724a71460e3&uId=6b4bb62e-fad2-4bc1-b4e4-206e940eb385&xid=47a4bb5d-117c-4fdb-a669-ed083338466f&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%22ddb306f%22%2C%22guid%22%3A%228267eba5-8ec0-133a-4d0f-90fad2415842%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22persistent%22%3Afalse%2C%22playerDepth%22%3A481%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_c6023900-b922-49b4-8cb0-792b146a01d4_similar2-3%22%2C%22recStrategy%22%3A%22similar2_3%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&adId=
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.14.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-14-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 23:59:38 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 33ms
33ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&pxm=3&vz=-&zp=0&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDEVIDEOCONTENT1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&confidence=2&pcode=condenastprebidheader987326845656&ql=&qo=0&vf=1&vg=100&bq=8&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=155&w=276&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&id=1&ii=4&f=0&j=&t=1619395175948&de=791793625018&cu=1619395175948&m=2634&ar=e4967b0-clean&iw=a0753d6&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5470&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A941%3A941%3A0%3A1164&as=1&ag=2183&an=1171&gi=1&gf=2183&gg=1171&ez=1&ck=2183&kw=1407&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&kb=1&cc=1&bw=2183&bx=1171&ci=2183&jz=1407&dj=1&dx=1&undefined=1&aa=1&ad=2082&cn=1070&gn=1&gk=2082&gl=1070&co=2082&cp=1407&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2418&cd=1407&ah=2418&am=1407&dq=2027&dr=1016&ds=2027&dt=1016&zx=0&tb=0&vm=1&vl=0&vt=1&vd=0&zMoatSRE=0.02228125&zMoatVSD=233&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4327&ef=1&rf=0&re=0&cl=0&at=0&d=First%20Look_%20Xbox%20Adaptive%20Controller%3A%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5afc7010841c4b6e41000001&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=1340866822&cs=0
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 25 Apr 2021 23:59:38 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 33ms
33ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&pxm=3&vz=-&zp=0&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDEVIDEOCONTENT1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&confidence=2&pcode=condenastprebidheader987326845656&ql=&qo=0&vf=1&vg=100&bq=8&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=155&w=276&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&id=1&ii=4&f=0&j=&t=1619395175948&de=791793625018&cu=1619395175948&m=2635&ar=e4967b0-clean&iw=a0753d6&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5470&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A941%3A941%3A0%3A1164&as=1&ag=2183&an=2183&gi=1&gf=2183&gg=2183&ez=1&ck=2183&kw=1407&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&kb=1&cc=1&bw=2183&bx=2183&ci=2183&jz=1407&dj=1&dx=1&undefined=1&aa=1&ad=2082&cn=2082&gn=1&gk=2082&gl=2082&co=2082&cp=1407&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2418&cd=2418&ah=2418&am=2418&dq=2027&dr=2027&ds=2027&dt=2027&zx=0&tb=0&vm=1&vl=1&vt=1&vd=0&zMoatSRE=0.02228125&zMoatVSD=233&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4327&ef=1&rf=0&re=0&cl=0&at=0&d=First%20Look_%20Xbox%20Adaptive%20Controller%3A%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5afc7010841c4b6e41000001&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=97596122&cs=0
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 25 Apr 2021 23:59:38 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1CCD
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05YVTJQM00tMjQtSDdIRg==&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05YVTJQM00tMjQtSDdIRg==&us_privacy=1---&google_tc=

170 B
188 B

65ms
38ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05YVTJQM00tMjQtSDdIRg==&us_privacy=1---&google_tc=

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05YVTJQM00tMjQtSDdIRg==&us_privacy=1---&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 319
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 1CCD 70 B
264 B 39ms
37ms Image
image/gif 52.18.54.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.54.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-54-41.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 1CCD 0
0 69ms
25ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?us_privacy=1---
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1CCD
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---&_test=YIYCagAAdEKjywAC
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YIYCagAAdEKjywAC&us_privacy=1---&_test=YIYCagAAdEKjywAC

0
239 B

62ms
33ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YIYCagAAdEKjywAC&us_privacy=1---&_test=YIYCagAAdEKjywAC
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1619395179.865677,VS0,VE0
x-served-by: cache-hhn4058-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YIYCagAAdEKjywAC&us_privacy=1---&_test=YIYCagAAdEKjywAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1CCD
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=77726086-0269-4600-b760-fbae01866115

0
239 B

122ms
29ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=77726086-0269-4600-b760-fbae01866115
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

Date: Sun, 25 Apr 2021 23:59:35 GMT
Server: MT3 3660 495c301 master zrh-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=77726086-0269-4600-b760-fbae01866115
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 25 Apr 2021 23:59:34 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1CCD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&us_privacy=1---&google_tc=
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHxp7DkR5870AATpBo_sPFY&google_cver=1

0
239 B

83ms
30ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHxp7DkR5870AATpBo_sPFY&google_cver=1
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHxp7DkR5870AATpBo_sPFY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 1CCD
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&us_privacy=1---
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KNXU2P3M-24-H7HF&sigv=1&esig=2~eb2a23162d93029c09bbbf3f26f1a59330ae733f&us_privacy=1---

0
445 B

21ms
7ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KNXU2P3M-24-H7HF&sigv=1&esig=2~eb2a23162d93029c09bbbf3f26f1a59330ae733f&us_privacy=1---

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:38 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KNXU2P3M-24-H7HF&sigv=1&esig=2~eb2a23162d93029c09bbbf3f26f1a59330ae733f&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1CCD
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/YeaUrBLRwX2YXQd5t3pbLcn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7110016302388067203

0
239 B

29ms
29ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7110016302388067203
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

date: Sun, 25 Apr 2021 23:59:38 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7110016302388067203
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920-00007.ts Show response
dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/ Frame E294 2 MB
2 MB 32ms
32ms XHR
application/x-mpegurl 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920-00007.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d0e429f28f2c474bf12f4d488c2dd755ccedfb35922bd33faa4b2f0c3f86212

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 06:49:14 GMT
Content-Encoding: gzip
Vary: Origin
Age: 61826
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 May 2018 18:05:19 GMT
Server: AmazonS3
ETag: W/"294da4877371612c321385ed7431d537"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: uajWd5tCSrxm2Iop51x2LzltXk1RtjuCaD-0MlGvULGc_UDcAnU1lQ==

GET
H/1.1 200
OK track
capture.condenastdigital.com/ 48 B
48 B 101ms
100ms Image
image/gif 3.223.14.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_ts=2021-04-25T23%3A59%3A39.729Z&_t=timespent&cBr=Ars%20Technica&cKe=exploits%7Cmicrosoft%7Coffice%7Cvulnerabilities%7CWord%7Czeroday&cCh=information%20technology&cTi=Booby-trapped%20Word%20documents%20in%20the%20wild%20exploit%20critical%20Microsoft%200-day&cTy=article%7Creport&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134%2C%20ALLBRANDS_64%2C%20ALLBRANDS_57%2C%20ALLBRANDS_28%2C%20ALLBRANDS_244%2C%20ALLBRANDS_21%2C%20ALLBRANDS_192&cTpw=0.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.1858646133202932%2C%200.1858646133202932%2C%200.1858646133202932%2C%200.1858646133202932%2C%200.1858646133202932%2C%200.1858646133202932&cEnt=microsoft%2C%20page%20layout%2C%20zero-day%20attack%2C%20mcafee%2C%20malware%2C%20fireeye%2C%20html%20application%2C%20windows%20registry%2C%20dan%20goodin%2C%20e-mail%2C%20rich%20text%20format%2C%20utc%2C%20california%2C%20windows%2010%2C%20operating%20system%2C%20macro%2C%20people%2C%20cond%C3%A9%20nast%2C%20ars%20orbital%20transmission%2C%20black%20hat%20usa&cEnw=1%2C%200.6784015477110633%2C%200.6268754530888921%2C%200.6112050352517427%2C%200.5769415477213082%2C%200.5278673858966411%2C%200.4876640019841165%2C%200.4251233242626762%2C%200.4219554491828688%2C%200.4055303805005162%2C%200.4003259436441344%2C%200.391641659880906%2C%200.36639663721428006%2C%200.3631841362436009%2C%200.36076348914452483%2C%200.3556732396947552%2C%200.3498922968926395%2C%200.3410893830977022%2C%200.30540966836663985%2C%200.2996590443923909&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=749&cId=1074069&cPd=2017-04-08T20%3A00%3A41.000%2B00%3A00&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day&pRt=referral&pHp=%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pWw=1600&pWh=1200&pPw=1600&pPh=5500&pSw=1600&pSh=1200&uID=6b4bb62e-fad2-4bc1-b4e4-206e940eb385&sID=eaf4b48a-1691-41a8-89c8-b724a71460e3&pID=87f69aff-c8b4-4807-b9de-3ca04c84fcaf&uDt=desktop&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=general&xID=47a4bb5d-117c-4fdb-a669-ed083338466f&_v=5000&environment=prod&origin=ars-technica&cKh=microsoft%2Cvulnerability%2Cbooby-trapped%20word%20document%2Cpage%20layout%2Czero-day%20attack%2Cmcafee
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.14.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-14-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 23:59:39 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 34ms
34ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=30&q=0&hp=1&wf=1&pxm=3&vz=-&zp=0&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDEVIDEOCONTENT1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&confidence=2&pcode=condenastprebidheader987326845656&ql=&qo=0&vf=1&vg=100&bq=8&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=155&w=276&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&id=1&ii=4&f=0&j=&t=1619395175948&de=791793625018&cu=1619395175948&m=5648&ar=e4967b0-clean&iw=a0753d6&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5470&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A941%3A941%3A0%3A1164&as=1&ag=5196&an=2183&gi=1&gf=5196&gg=2183&ez=1&ck=2183&kw=1407&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&kb=1&cc=1&bw=5196&bx=2183&ci=2183&jz=1407&dj=1&dx=1&undefined=1&aa=1&ad=5095&cn=2082&gn=1&gk=5095&gl=2082&co=2082&cp=1407&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5632&cd=2418&ah=5632&am=2418&dq=5241&dr=2027&ds=5241&dt=2027&zx=0&tb=0&vm=1&vl=1&vt=3&vd=0&zMoatSRE=0.02228125&zMoatVSD=233&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=4327&ek=1&ef=1&rf=0&re=0&cl=0&at=0&d=First%20Look_%20Xbox%20Adaptive%20Controller%3A%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5afc7010841c4b6e41000001&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=1445663948&cs=0
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:59:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 25 Apr 2021 23:59:41 GMT

GET
H/1.1 200
OK 6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920-00008.ts Show response
dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/ Frame E294 2 MB
2 MB 32ms
32ms XHR
application/x-mpegurl 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920-00008.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ded64b8e7a07e466f5ac8e0932702395f811b35a3da0de39bef4c1b163aef62

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 04:20:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 70763
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 May 2018 18:05:19 GMT
Server: AmazonS3
ETag: W/"3a34213aa5c06b7f51fe3a118714ca5f"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: EQCxU6i-MWXphEq0eO_EglNRjyoSy3E7k1_klJrr4_s93nH__ePRuw==

GET
H2

200

p2
sb.scorecardresearch.com/ Frame E294
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1619395175790_1&ns_st_ec=2&ns_st_sp=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10000&ns_st_cl=233528&...
https://sb.scorecardresearch.com/p2?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1619395175790_1&ns_st_ec=2&ns_st_sp=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10000&ns_st_cl=233528...

64 B
329 B

71ms
71ms

Image
image/gif

143.204.245.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1619395175790_1&ns_st_ec=2&ns_st_sp=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10000&ns_st_cl=233528&ns_st_hc=1&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=0&ns_st_pt=10000&ns_st_pa=10000&ns_st_ci=5afc7010841c4b6e41000001&ns_ts=1619395185791&ns_st_bt=0&ns_st_bp=0&ns_st_pc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_pr=*null&ns_st_ep=*null&ns_st_ct=vc&ns_st_ge=*null&ns_st_st=*null&ns_st_pu=*null&c3=ARSTECHNICA&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&c8=First%20Look%3A%20Xbox%20Adaptive%20Controller&c9=&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-55.cph50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 23:59:45 GMT
via: 1.1 54c4a3ab55229e407630e7a126ca0932.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: Mp3GTUcpzJJFf2rNW8_8RWdoWOc7ol29PCE-jvNM9EWSC6ENNRb2aQ==

Redirect headers

date: Sun, 25 Apr 2021 23:59:45 GMT
via: 1.1 54c4a3ab55229e407630e7a126ca0932.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1619395175790_1&ns_st_ec=2&ns_st_sp=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10000&ns_st_cl=233528&ns_st_hc=1&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=0&ns_st_pt=10000&ns_st_pa=10000&ns_st_ci=5afc7010841c4b6e41000001&ns_ts=1619395185791&ns_st_bt=0&ns_st_bp=0&ns_st_pc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_pr=*null&ns_st_ep=*null&ns_st_ct=vc&ns_st_ge=*null&ns_st_st=*null&ns_st_pu=*null&c3=ARSTECHNICA&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&c8=First%20Look%3A%20Xbox%20Adaptive%20Controller&c9=&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null
content-length: 871
x-amz-cf-id: SvLNUw9r-q5m3aZ6RoPW0y45ibTMQ-XbswP5H7DDfs7lApDoWVi7Bg==

GET
H/1.1 200
OK 6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920-00009.ts Show response
dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/ Frame E294 2 MB
2 MB 31ms
31ms XHR
application/x-mpegurl 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920-00009.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bdf1a079246221af062a6cdf7515f5e5ea85e43e9e627bf54d1b6985c8cad88

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 07:52:56 GMT
Content-Encoding: gzip
Vary: Origin
Age: 58010
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 May 2018 18:05:19 GMT
Server: AmazonS3
ETag: W/"1884c3acdd9cbeccbb633a450e3b4b37"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: pNdG44Wso1rte60Io9dOelfHfjP27NcAKUXfye9J68fCiImjV3LAVw==

GET
H/1.1 200
OK track
capture.condenastdigital.com/ 48 B
48 B 100ms
100ms Image
image/gif 3.223.14.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_ts=2021-04-25T23%3A59%3A46.227Z&_t=adBlock&cBr=Ars%20Technica&cKe=exploits%7Cmicrosoft%7Coffice%7Cvulnerabilities%7CWord%7Czeroday&cCh=information%20technology&cTi=Booby-trapped%20Word%20documents%20in%20the%20wild%20exploit%20critical%20Microsoft%200-day&cTy=article%7Creport&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134%2C%20ALLBRANDS_64%2C%20ALLBRANDS_57%2C%20ALLBRANDS_28%2C%20ALLBRANDS_244%2C%20ALLBRANDS_21%2C%20ALLBRANDS_192&cTpw=0.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.46503489989435565%2C%200.1858646133202932%2C%200.1858646133202932%2C%200.1858646133202932%2C%200.1858646133202932%2C%200.1858646133202932%2C%200.1858646133202932&cEnt=microsoft%2C%20page%20layout%2C%20zero-day%20attack%2C%20mcafee%2C%20malware%2C%20fireeye%2C%20html%20application%2C%20windows%20registry%2C%20dan%20goodin%2C%20e-mail%2C%20rich%20text%20format%2C%20utc%2C%20california%2C%20windows%2010%2C%20operating%20system%2C%20macro%2C%20people%2C%20cond%C3%A9%20nast%2C%20ars%20orbital%20transmission%2C%20black%20hat%20usa&cEnw=1%2C%200.6784015477110633%2C%200.6268754530888921%2C%200.6112050352517427%2C%200.5769415477213082%2C%200.5278673858966411%2C%200.4876640019841165%2C%200.4251233242626762%2C%200.4219554491828688%2C%200.4055303805005162%2C%200.4003259436441344%2C%200.391641659880906%2C%200.36639663721428006%2C%200.3631841362436009%2C%200.36076348914452483%2C%200.3556732396947552%2C%200.3498922968926395%2C%200.3410893830977022%2C%200.30540966836663985%2C%200.2996590443923909&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=749&cId=1074069&cPd=2017-04-08T20%3A00%3A41.000%2B00%3A00&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day&pRt=referral&pHp=%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pWw=1600&pWh=1200&pPw=1600&pPh=5600&pSw=1600&pSh=1200&uID=7af8ec78-1fa4-4652-9b11-6e134cfb45a3&uNw=1&uUq=1&pID=45a3db2a-7079-4592-8beb-606c1fa68aea&uDt=desktop&dim1=%7B%22runtimeId%22%3A%22rEeTfjGtaQBBo%22%2C%22device%22%3A%22desktop%22%2C%22pageContext%22%3A%7B%22contentType%22%3A%22article%22%2C%22templateType%22%3A%22article%22%2C%22channel%22%3A%22information-technology%22%2C%22slug%22%3A%22booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%22%2C%22server%22%3A%22production%22%2C%22keywords%22%3A%7B%22tags%22%3A%5B%22exploits%22%2C%22microsoft-3%22%2C%22office%22%2C%22vulnerabilities%22%2C%22word%22%2C%22zeroday%22%5D%2C%22cm%22%3A%5B%5D%2C%22platform%22%3A%5B%22wordpress%22%5D%2C%22copilotid%22%3A%22%22%7D%2C%22adBlock%22%3Atrue%7D%2C%22adBlock%22%3Atrue%7D&_o=ars-technica&_c=ad_metrics&xID=47a4bb5d-117c-4fdb-a669-ed083338466f&environment=prod&origin=ars-technica&cKh=microsoft%2Cvulnerability%2Cbooby-trapped%20word%20document%2Cpage%20layout%2Czero-day%20attack%2Cmcafee
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.14.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-14-133.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 25 Apr 2021 23:59:46 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

POST
H/1.1 204
No Content events
wren.condenastdigital.com/1.0/conde/ 0
732 B 102ms
101ms Ping
image/gif 52.207.120.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wren.condenastdigital.com/1.0/conde/events?topic=wren.events.ads&api_key=d3Jlbg

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1619394923

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.207.120.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-120-193.compute-1.amazonaws.com

Software

nginx/1.15.8 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 25 Apr 2021 23:59:47 GMT
x-content-type-options: nosniff
Server: nginx/1.15.8
x-frame-options: DENY
x-download-options: noopen
vary: origin
Connection: keep-alive
Content-Type: image/gif
access-control-allow-origin: https://arstechnica.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
access-control-allow-credentials: true
strict-transport-security: max-age=15768000; preload
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK usersync Show response
usersync.getpublica.com/ Frame 9152 0
198 B 99ms
98ms Document
text/plain 3.221.88.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=1---
Requested by: Host: sync.getpublica.com
URL: https://sync.getpublica.com/sync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.88.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: usersync.getpublica.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://arstechnica.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Expires: 0
Pragma: no-cache
Vary: Origin
Date: Sun, 25 Apr 2021 23:59:47 GMT
Content-Length: 0

GET
H/1.1 200
OK usersync Show response
usersync.getpublica.com/ Frame 4C4D 0
198 B 99ms
98ms Document
text/plain 3.221.88.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=1---
Requested by: Host: sync.getpublica.com
URL: https://sync.getpublica.com/sync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.88.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: usersync.getpublica.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://arstechnica.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://arstechnica.com/

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Expires: 0
Pragma: no-cache
Vary: Origin
Date: Sun, 25 Apr 2021 23:59:47 GMT
Content-Length: 0

GET
H/1.1 200
OK 6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920-00010.ts Show response
dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/ Frame E294 2 MB
2 MB 33ms
32ms XHR
application/x-mpegurl 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920-00010.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ca94bf4680ee097ce6cf42b5b1d93529e4b486125bf11fbd77e637687db5dbb

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 04:20:26 GMT
Content-Encoding: gzip
Vary: Origin
Age: 70763
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 May 2018 18:05:22 GMT
Server: AmazonS3
ETag: W/"df065c46a20004803fc44e25252843a2"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: plfck8fIrNQa5Z1-pPkimWAIhmhqy9snfdIlA5W0Gfbzv_Jkl8MOBQ==

GET
H/1.1 200
OK 6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920-00011.ts Show response
dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/ Frame E294 2 MB
2 MB 33ms
31ms XHR
application/x-mpegurl 13.225.87.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5afc7010841c4b6e41000001/6c372966-5d44-4560-b644-bcf60dbf1c50file-5872k-128-48000-1920-00011.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab2534821a6dd282a3d03c76da948fbe3078a37cb4aaf6596debe57fe5597b7a

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Apr 2021 04:20:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 70763
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 May 2018 18:05:20 GMT
Server: AmazonS3
ETag: W/"164bea3cc6f9d6b7d756043620fc9fe2"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: cKRCJfQ5UTpflTZw_2R28a2WS3ApTnWAvclNqhCxtPUAq6a6X3ZMVw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: condenastus-d.openx.net
URL: https://condenastus-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9a9bb9de-a6f8-4eeb-9711-564138a47a87&nocache=1619395173677&us_privacy=1---&aus=300x250%2C300x50%2C320x50%2C728x90&divIds=mid-content_300x250_300x50_320x50_728x90&auid=541000584&aumfs=50

Domain: pbs.getpublica.com
URL: https://pbs.getpublica.com/v1/s2s-hb?site_id=2564&format=json&app_name=CNEVIDEO&adserver=gam&slot_count=1&site_name=arstechnica&content_episode=null&content_length=233&content_season=&content_id=5afc7010841c4b6e41000001&content_title=First%20Look%3A%20Xbox%20Adaptive%20Controller&content_series=&content_language=en&content_category=technology%2Cgaming%20%26%20entertainment%2CScience%20%26%20Tech%2CPop%20Culture--Video%20Games&content_keywords=console%2Ccontrollers%2Cars%20technica%2Cars&site_page=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&cb=7055977

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rubiconproject.com/	1970-01-19 17:51:43	Name: vis15 Value: 307072^2
eus.rubiconproject.com/	1970-01-19 19:59:31	Name: pux Value: 1512%3D99192%262249%3D99192%262307%3D99192%262974%3D99192%263778%3D99192%26goog%3D99192%26idl%3D99192%26brx%3D99192%26
.rubiconproject.com/	1970-01-19 17:51:43	Name: vis2 Value: 307072^1
.adnxs.com/	1970-01-19 19:59:31	Name: uuid2 Value: 7484511246760294868
.adnxs.com/	1970-01-19 19:59:31	Name: icu Value: ChgI_rtmEAoYAiACKAIw5YSYhAY4AkACSAIQ5YSYhAYYAQ..
arstechnica.com/	1970-01-19 18:33:07	Name: _lr_env_src_ats Value: false
arstechnica.com/	1970-01-19 17:49:58	Name: _lr_retry_request Value: true
arstechnica.com/	1970-01-19 17:57:00	Name: CN_visits_m Value: 1619820000336%26vn%3D1
.arstechnica.com/	1970-01-19 19:59:31	Name: _fbp Value: fb.1.1619395176421.338818193
.openx.net/	1970-01-20 02:35:31	Name: i Value: 64480e4f-53af-0618-2619-8cfdd14fce82\|1619395174
arstechnica.com/	1970-01-19 20:13:55	Name: cneplayercount Value: 2
.arstechnica.com/	1970-01-20 02:35:31	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Mon+Apr+26+2021+01%3A59%3A33+GMT%2B0200+(Central+European+Summer+Time)&version=6.16.0&hosts=&consentId=af0c3cf2-d755-43af-898d-b8dca6074196&interactionCount=0&landingPath=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&groups=C0003%3A0%2CC0004%3A0%2CC0005%3A0%2CC0001%3A1%2CC0002%3A0%2CSTACK42%3A0
.media.net/	1970-01-19 22:16:19	Name: gdpr_status Value: 1
.arstechnica.com/	1970-01-19 17:50:38	Name: _parsely_tpa_blocked Value: {%22tpab%22:false}
.rubiconproject.com/	1970-01-20 02:35:31	Name: khaos Value: KNXU2P3M-24-H7HF
.arstechnica.com/	1970-01-20 11:21:07	Name: _ga Value: GA1.2.1527306430.1619395174
arstechnica.com/	1970-01-19 18:33:07	Name: CN_su Value: 1eb67d3d-befa-4b07-92f8-0a2d9dccc6cd
arstechnica.com/	1970-01-19 17:49:56	Name: CN_in_visit_m Value: true
.openx.net/	1970-01-19 18:11:31	Name: pd Value: v2\|1619395177\|gekin0vNiygu
arstechnica.com/	1969-12-31 23:59:59	Name: CN_sp Value: 6b4bb62e-fad2-4bc1-b4e4-206e940eb385
.rubiconproject.com/	1970-01-20 02:35:31	Name: audit Value: 1\|0o8zzNO5o4apOgyIhu/SlihtT5ScaOAAxoLpw+AgQP7+rvwdh0+7y5G5ZVIlGd9LkDRkS4UBemWAF7qA5WC/AAkoGMUMgRhT
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|AIfsdBUH+v3fWCPuzNowDE/csJlhLLetiyBpIpb0Ow58ruqWPWnoQ6qVZbmJiY/FKQautD3GB2TGFkanCHmRGFiu9xwHiF41qy8pecDeQU51/D/GCqlBO6qTSL/aNjCUbuzdxX9hUy4=
arstechnica.com/	1969-12-31 23:59:59	Name: pID Value: 87f69aff-c8b4-4807-b9de-3ca04c84fcaf
arstechnica.com/	1970-01-19 18:33:07	Name: _pbjs_userid_consent_data Value: 3524755945110770
.arstechnica.com/	1970-01-19 17:49:56	Name: sID Value: eaf4b48a-1691-41a8-89c8-b724a71460e3
.rubiconproject.com/	1970-01-19 17:51:43	Name: ses15 Value:
arstechnica.com/	1970-01-19 20:13:55	Name: cneplayercaptions Value: showing
.arstechnica.com/	1970-01-19 17:51:21	Name: _gid Value: GA1.2.2044715989.1619395174
.arstechnica.com/	1970-01-19 17:49:55	Name: _gat_UA-31997-1 Value: 1
.arstechnica.com/	1970-01-19 17:49:55	Name: _dc_gtm_UA-31997-1 Value: 1
arstechnica.com/	1970-01-20 02:35:31	Name: usprivacy Value: 1---
.arstechnica.com/	1970-01-19 18:33:07	Name: seen_posts Value:
.arstechnica.com/	1970-01-19 17:49:58	Name: AMP_TOKEN Value: %24NOT_FOUND
.rubiconproject.com/	1970-01-19 17:51:43	Name: ses2 Value:
.arstechnica.com/	1970-01-19 17:49:56	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/%22%2C%22sref%22:%22%22%2C%22sts%22:1619395173275%2C%22slts%22:0}
.arstechnica.com/	1970-01-19 17:49:55	Name: session_seen_posts Value: 0
.arstechnica.com/	1970-01-20 03:19:19	Name: _parsely_visitor Value: {%22id%22:%22pid=e154e40a6d65710f2fc1be2d151f2954%22%2C%22session_count%22:1%2C%22last_session_ts%22:1619395173275}
arstechnica.com/	1970-01-19 18:15:50	Name: CN_xid Value: 47a4bb5d-117c-4fdb-a669-ed083338466f

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://player.cnevids.com/script/video/604b9ee038d06931f218aaca.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady5114434(Line 1) Message: CNE Player: Error fetching or parsing prebid Error: Timeout errorData => [object Object]
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-3b69c14074aa2063b323.js(Line 12) Message: VIDEOJS: adserror (Preroll)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4d.condenastdigital.com
acdn.adnxs.com
ads.yahoo.com
ampcid.google.com
ampcid.google.de
api.cnevids.com
api.condenast.io
api.rlcdn.com
arstechnica.com
assoc-na.associates-amazon.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
capture.condenastdigital.com
cdn.arstechnica.net
cdn.cookielaw.org
cdn.mediavoice.com
cm.g.doubleclick.net
condenastus-d.openx.net
connect.facebook.net
contextual.media.net
d2c8v52ll5s99u.cloudfront.net
dp8hsntg6do36.cloudfront.net
dwgyu36up6iuz.cloudfront.net
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fpa-cdn.arstechnica.com
fpa-events.arstechnica.com
geolocation.onetrust.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
images.outbrainimg.com
imasdk.googleapis.com
infinityid.condenastdigital.com
js-sec.indexww.com
log.outbrainimg.com
match.adsrvr.org
mb.moatads.com
mcdp-chidc2.outbrain.com
odb.outbrain.com
p.skimresources.com
pagead2.googlesyndication.com
pbs.getpublica.com
pixel.condenastdigital.com
pixel.quantserve.com
pixel.rubiconproject.com
player.cnevids.com
plugin.mediavoice.com
polarcdn-terrax.com
pr-bh.ybp.yahoo.com
prebid.media.net
pubads.g.doubleclick.net
px.moatads.com
r.skimresources.com
s.skimresources.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
segment-data.zqtk.net
srv-1970-01-01-00.pixel.parsely.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.getpublica.com
sync.mathtag.com
t.skimresources.com
tcheck.outbrainimg.com
token.rubiconproject.com
u.openx.net
us-u.openx.net
usersync.getpublica.com
widget-pixels.outbrain.com
widgets.outbrain.com
wren.condenastdigital.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
z-na.associates-amazon.com
z.moatads.com
condenastus-d.openx.net
pbs.getpublica.com
13.224.194.40
13.225.84.169
13.225.87.13
13.32.21.36
13.33.139.102
142.250.181.226
142.250.186.34
143.204.234.45
143.204.245.55
143.204.247.127
151.101.114.132
151.101.114.49
151.101.13.108
151.101.192.239
151.101.64.239
151.139.128.11
172.217.16.130
184.25.115.31
184.30.212.16
185.29.133.52
185.33.220.240
2.18.232.28
2.18.234.190
2.18.234.21
2.18.235.40
2.18.235.93
205.234.175.175
213.19.162.51
2606:4700:10::6814:b944
2606:4700::6810:9440
2606:4700::6811:4032
2606:4700::6813:da83
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:800::200e
2a00:1450:4001:803::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2006
2a00:1450:400c:c0c::9b
2a00:1450:400c:c0d::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.130.39.244
3.221.88.208
3.223.14.133
3.224.128.70
3.85.138.43
34.120.133.55
34.250.155.89
34.253.102.121
35.157.246.167
35.170.235.46
35.190.59.101
35.190.91.160
35.201.67.47
35.244.159.8
35.244.174.68
37.157.6.247
50.31.142.191
52.18.54.41
52.207.120.193
52.73.123.163
54.164.187.255
64.202.112.127
69.173.144.138
69.173.144.139
72.21.195.65
0186840386391fa2c0750ff7450a78e066498ba3274546a6fcf0fa9c55cd457c
030e91b7512dbb40e9b9057f20bcf54c296a7f28c04bbcde0f2d2706dd2a3a06
039f13cdf684666dd973e2385f773385adb074039e8a832ec48e1ae35fb20c15
03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b
058aadd34057f1fdc2a762da06a5e9e37a6639733261db440f5a34dda9a36582
06b33c040105224101afcdaacd82b6dfb3ea1bf9ef3d7478cf5fa163a0ad65e0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
082b526f84a7149db4d26f1e929d06bf7cefab5f297ba13cc77bdbda22697e28
08b8b78504677c4bb61018fbcfe343bf7603d3ea56b3b47d9532569104f9b5c0
08ed3bf6e73a999bafb422b878fb05b87269b00a65230c9457ce75aee10b873e
0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3
0b007dbfcccea179fcd6c00d14ee5b1073ec43ce1be762263991b46a8341529a
0b5c6a8d4a856db56da956eced8af9a5eb6e0a89dc67de5ffc4c83513472a3cc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bdf1a079246221af062a6cdf7515f5e5ea85e43e9e627bf54d1b6985c8cad88
0d0e429f28f2c474bf12f4d488c2dd755ccedfb35922bd33faa4b2f0c3f86212
1097abb6f0992cccc79428374463e7f23b99dae5eb85d7317b20bd57c96031bb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1193e934b76ed372f47e23f78f8a13e99d9588e564aff866e8f700e7a0650a83
14b4f14e4aed5549be95ab27287bc656b288585c5bfc94ce4b951641065dd907
159870d28d6a141f4c7da2dcf3970caf103a391dea9149500a8407276a69b070
16708dda2536b4b3782313db4a6ec8456cd84da7ae0f56d7d2455e68fc9bc4f0
16f86804dd013db340fee4020a539d3e9d6e5a03d6841e431e50c428e99c26e8
17a5258bbef812094b4a85b596b96aebe76c5598d41703ada6e20fef2b943a69
17f21ab470f0a1cacd46e91124483e9223826b56adb10a874538b4bd9a0f45ed
1a4c6423c6be25dfcd527eefad63698b6aefd63d79802bba6917cdd458fcab1b
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1bf55bc00dbf13180884211c3d301729e67b81f3456225c1fbf97d271d636509
1c7dcc8216c6f82da2998ceeac2523632c7f9bffe510824b6d082621201f2012
1c7dfd0be65c82b1a647b30a807508b520489b3aa44c17a75d4134b7d0deb5ec
1defb6bc54a7ee9c066136908360e8455c23ee9ad0dec9924e7255d7948cd4be
1f466b08649eef5ad16c20f6d7207bf8818cb107b6241950dbc568cdffc03d63
1f9cd4a445ba85172da6090dd7b95edf55fd9e81ddb193e0b78093c1afa84378
20660a9ef7ec454c15b2dc62b3db084e0cc9f74c5bb6de71a96fb1a54aef00f8
257ba62cb20455a8ec546150210bf7ee08eb205362d5799404bdc0197913f242
265974f7dd29be4bae22250bd4afd4e57a20eb3c12dc8f623218e1cd8b03fd76
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27348ba4b98bd80f1038496ec5dea6ad865680540058fb085b8ca199b8aaf4c5
281ba70d6e7e5c193cd6b4bbb0c656e15e9479573bc02debaeba7c084c37bb21
29637e0647104ccc5d5583e652db29ce99e947c858c3d9502960e7ea7f1aea19
2a052d66ed0e757990bd8ec897a24b7e410b11ca7e7704503c7401fb83bdecc1
2c42115c0847de6030c95c350f66525b4311997d1911f4d887e8f1c991fcadcc
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cca5aba163acaf2c1f9d5d6165b374b89ca4972abe3038de2a4435b09107d6b
2d7e993404ea0eb6a639bdc7aaa99146ae8881a4e16358c5705222ed935ab797
2db2f16f2ca017e865150e9b6edbbc4c4349ad8448db72e8bb21bbfb40cc4092
2db566008354079e5f1a0618d48ee5f8a643725875d6dc65751b29db3209abe4
302ad78f250c6648ffd32cf3bc473a9104bf807b617823a89f8247a1230bb02c
34271931464435bcfe56d886bf48ed84557081e0113f926914624b4785bee6a9
353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf
3652e6fb02f1582911a2b3d050df9cb8afde04444b29988e9fb16af00756d8bd
36db514bee2ec91f56cac3fbce1295fdedf90e41d587733fb70f4fd265a4b342
3b0209841325362235c221628e471145726897e4e1c9b210b6e6b2217fdf2ee8
3b150a27981e05771154e8231d64b433239056246ef9ab87aa1573b115125980
3b3d0b79fe69813370f33c2ea260ff0d1ba2e20243f7708dc1a272f31c46e680
3b97d9bc8940075002b3e2cafed153c488f88364d1e2400d872d7738a8f5f1b3
3ce7e824185893264ab44fbf8370a8f1262831c4c6c367b15f7d4f1e88fadc8c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3db201265ff930de1145cad85c826a123a514c601bd761a8f1e942ad2058c5a1
3f2cf5f857c617761a251ceef8f6ed452a7690e21f16eff0a70dddf9beea8633
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4003e7a5967aa6cf711992cd31336895f88914dafd28d08562b10813bead3236
40f12e335914950b4f2058dbcbbee727f3f7542399ec6b2e98256480ea91aa49
42e09a00f781da1e4c4ccc4ea4f8520d7e090ad29dd246bb35cc71a6842b2030
456741f052fb96cb3fe51a56a61fa3d6aaf8a7ba345d3ceac0d07cd0110bd8c5
46a9ddb1f206a46900872e0a832750ae06925528f81883a3d3517fdb42aefb6d
4788c1ffaabfbf3623c7f23a57d37d79b95b2a8f647759d4112ab20fe4c500ef
4883cddba3aafc46864c8933b35c095e3a5b31a231b2894089f4cb7447ee93be
49282a74c6ced31e99f808232188ade8d82652004df4d664dcdb98c32563dd39
4980853759711c8e9e2779239acd62e9e802fba38371763c65ecdd016a83fdbd
49ce0b9309f3549eff7156c661425c49e8f080f49c76feb6507549520c6fbe56
4acb4918bb4f45a11f27cf00210c700d6a931bed92b6fa1c9f19f82e8e9f12b2
4d2d6db4bd01b1aef48e4d572db47602ca09a50d1528748f88d5d2830532b730
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec4b6769730ca98db1f40b152c52bd5bec01f61f559fb92709c307750388ac8
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4ffeb969972ae39749979ba9b85e117d0782c5f3dc790c57c06103f6aa97e916
5315cf641e62ac7de4a82e6003cc1bd1ff09218400d8ff5286c951e25aee966b
56f8838a24cb0cc47dc34a19d6b84d6ce8bf8086b1682bbb990abc13b1e2da65
571479d52cd675db5573fe46973c62cba6d8224a76136fcefeb90f7dc42a6391
583d3c6cf7ab15e76c307497ec0680d67d97fc38be09b2dfecb64a440d5370d2
59201950b83489808587827b4050ffe0597992825daa88c227476cdbbf8ca282
5ab499494548829e507e9b6cd57247a6cd565e7f1bc6eb55e3da445af76f1f0c
5be5b0170ad4bbd2be91182d137933e7de9c7e86b09ec855a4bac015ebfd746f
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
5ecbfb541946a9a9437190a21d98e1c7ab7d863837d7d038a9a1e053c649c8ba
5f9d9c24e264795c4ef5bc45509e8a7ee42243a7c113ab4ac03676260291a248
5fe4d6de64d3d8be44720e779a9a9f4a7f1dabb7f19e1a02debeaac7c22da635
60443b07c364586cb93f1b49b5bfdcfa6f4419def86c90f8cfcd666cf4d5545e
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
617e0f9fee7ef0ca891735246b4b5a61caa3622db4a4256685b061c9f43bd053
62c7d2da9a5942053f17c9756e53b7cda414541619bd35c2b1441cd88c77f235
6f261533d4b74ae931965cf3609bf47bb55001e39eb7029502d96cec73c4749a
73298c8f5a6114815ba00b891f7f36b6030d6817c12c7c160c039b277ea725b6
7364fcbb6c5d775f07816712af8a6419db99268f72c337a4977f706dc3423bb3
7401eddcf89110f15c8ae1dbc8bb7c246c19ea1d5ddb8316635b8e0863a812f2
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7475f5c70d3b6020b6f4621b2e69fba3360bea00a913e60b085af165b93842ec
7521115e34e5890491443f2e72c69a83b8462b38a97ff4eed30aa01f6737adf2
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
783f4da7225e90e70e7bc0716906b5d36009977a745622092b05c5ec64fb4576
78c8c364b438f0be81f1c51627902fda95b7aebdd2c04aee28c2f72cd4390207
7bd59c7fd301dc3b478f770485754e41657fdba2f6bd27aa6ebb10a395df810a
7d91c04c657709af03f6dad61d375c3208d18ab5ff7851c2472007dc05201342
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7ed6539405692e1eb89915fb56407ff64dfab01f3088befe6634c89c7e11d77b
7fc88c65d46e83b3f3e9f098f05fd639480332fc3718cd714725e2e4633af4e8
80187c5fc5664a19b370b9e1e348b7dd1beb8d94c686a5d4247251c08416dd69
807271433f80bb33654a84ec904035be3d2b34e505a051e3469a47fe39ccb752
81c8fee9f1cc303c4b87846d83eca2ff3e3fe86cdee76d1fbd9fefc672d97dfd
82a7ea4ad84effcc05828dfdfcb56cb10aed97b43063a588cdbf45039702bae2
82cd1a97f81e5b63a621311be2993916eea0907b5eadd53bb6b280f4bb0f8391
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833a86642252016b29f08dd45ffd27f9e00ca237f28d8c5f0147a6e15d009377
837433070e29027e219300b61bb600ddd9307c1555a4a2a6d8df1d98ad1a1c78
83a366075eb2387c6d9f848f42b08df0546027333eccf5813edf95ba45709be2
847f38c34d4d2ea5a88f656d04e7011a89ffe7162a366d1f709229e70b5c4e81
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85db95dbe15c810a710ca6d9094a2a29f2eeea05791cc7aaab7af8939684b978
85de7ae21bb108e964340f53357c9c8bfd55574e86d357f93beb02f5dce2b967
86096831a70c72ac0c08f5e65ae92d98330d9fd2b7511dde65ff50b8a16bfd9a
8629df225b82b5c1fe19e4197b96c4d64b4ffdb8fa8b3f7d70d255f2d8e529f1
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
872cc759897ebba5c23edb9704dc1f5a6e85f928837edfb852828d068050e666
8b72952d3fd656ee6594f0d9735d928113ad1d590705b14f77abf75f1d4d5d69
8ca94bf4680ee097ce6cf42b5b1d93529e4b486125bf11fbd77e637687db5dbb
8d6594000a7de4bbcbfe8d15d9fd4b00a2a35ff7b2f0ac2a5ec0899eaf60d88a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da8c23d9bf300c6d309b03cb5678ebadb3b4754e3c081278dbb6f82cbcac094
8dc40a5096530714279199bd98ffbe44f3108bf9dd183ec74d85f69705d86e25
8edcf5bd609aef18638950de010699cd2765ef88aba3d019feb51a4271807662
8f11f2d65d3a1594a57625e5a9457a1beb87c6a0399172cab062d50263ae388b
901faa59d208ffaf7ce2cb9f8d1e4e5816dde4bd71b9c7257628adbdfd756c57
926253539e7582bf4cc021a6f050ae1eadfe07a9b3e1f8bd4162d376ba79d372
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9431bc6d1a6d036a70c92dfc9000d7965f939671a59705bdd01c3e652048ed9a
95c1b9876c9ddf01e908be9af54bcc94b39203dcf85418dc39792b7e1b9b3907
971c6995b3a7e2009ffe6dd60c58adce3f25eedd38f8c672da8119d2f4661d65
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9933997608e86beaf1e7f7188a5c657cdad8ccd9d20eb7b1a46adaa83fa850ab
9ad86f96d9ea0e5505f92387803f974d512460dddd02baf2578d71d6f5f23a3f
9d19d1af09b3168474f8ec0141b4f35138b2215242d13a14553c45f8a969d678
9ded64b8e7a07e466f5ac8e0932702395f811b35a3da0de39bef4c1b163aef62
9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0
9eb8b71832c6fc25fb3abc89b63da08d83fd74e2f57e76a5754067fac2c8d986
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a279c31dc8aece465847bf33b5650f77c92bf389ad5378bb962bbe7014ff6989
a2aca9aa200ad3e4dd9afcd27fd2bd5b272a5d297e9f85d708394857ca6a1ffe
a9b7fc17e65f84271549f982bba3f9b45dce62d5c797a4a555f05856caa15940
aa3b9513abbbf65a2c8483122648fce1b39b1afa2a69bdf863242f1411baba58
aa4e86d31adc5fdcd90367b8f17abb13c38c047f9cc68a5ea3bda9eb4b6c3ea4
ab2534821a6dd282a3d03c76da948fbe3078a37cb4aaf6596debe57fe5597b7a
ad309904b3882d0bc665ba54e6fc9a708e89a6155fdce036c73ab386c80086c1
af36e4b28a8c8570a91ad4b443fcd1dbe7a9138d55fbf39b06df049d3ecc5002
b3954c6cc46e0410df9329ad37228c369fc480970c0fd5475dcff46db48c6a7b
b5ac9be9ddb414f29f9729dbd5295284938848998df6fec71e95919c2831fd89
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b9d30b01e0a45378b7f21ff5454038373f1783824b9978c2c1adff665b758a13
bd01deda7afdc1eb184dd3e647ebf9d285447bf3d967bc72fd6aa82e67920b0f
bd4c29326c981c8b38ab6caf8fccb7fcae4b6d01e75d6a49da6fbc37c0c48c67
c14a030b0b5ef06f710d9bbff164662d4b43c037e62f254aa6280504013caa34
c21029f21dc145723d40362da85504ee5a5bd33f5db6636beae3a01c7aba1fa2
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
c46974d8f6030e4888708b18a5d9a32b25eb765a5708896e1899df449d87aab7
c7f2558d7005dc61e343b6abb61a63da8ace760a0fdd45cb0cc124b0de5b4c2f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa3854f28740fa98125ded826446ee4456379e8ad7c4ff46643347d1901506a
cd216bc5cece19866e688ce56e5c5243f32241dfc9cd4045d393f4f111f9333e
ce5ef32d348d36c541a723de1ff208440fe9768762656a609c634cbebe9052b5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfed96db853cb6e2053513daf02c9dec0e5c052e268d2b7f47c245c17ba5cdec
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3
d290c638452275aa7dc8ab809884a3ff1bdcb91bc5c659bd250e9c1e062cc72c
d5f3418a3fa657175d5341b5e032be036cb4d5818de5d1497f2175be5a7e3701
d629be57195e2f2eb415a646bf16729d1834b6cf56764b597f9b0dd003b6c031
d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa
d719cdff4b2a6e4b9f5c89a3f9018312eca453f4ab3c44795a814d1576038f5f
d99b3cb5cb997306b644cb1ef372fe0fd4fd22b60bcf1a312f601f9b29ab661c
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db4649494b4b305c5539ed3c0ee954f538e3b953b930902c4c84f40e8d0e7108
db5f4a6ff11cf828a461aa96731d6dca09a573023ba8f0dc3329b307c986910a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de24551bd4396fc8579b2d87ce01944553dd48fb52775d14373725a50efa0c37
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de5e37739b5797e8ba9dba4a2dcb65f37c36a65fe839cb306162e21c74ba166e
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
e25f696ea4752460f6a353215430fc8e158971c18d734f28841b73f10a2f12f6
e2a3ed764a3ef9095592b793ec54285a79e5e9b520acd11570f0ee3fd075c02b
e336ff50623cff960c2396944be4392139f63dcc032e5f3428d81489fdfe697a
e342ba4192c4e8e42594972a79fba3001d9522cf229cb626165112ecf1e0c780
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5edb557792560a8a710be304988f8c1152c240990aeac8aaf3ad86ced3ee038
e74b9cb9d8871d300d2a1d36ce2cd00dfbfe0c5d8066d1d415c4ce620a919d47
e8830a414dfeb4c0e0f519d3419f69849df9226f329357c938333dbf2c956f63
ea7c8bcb59df59164853dcaa9804018bb8a9c6568462d3aadbdbb4549b438242
ed2d993c35cd51826ee304739d91e554bd9faa1b120602fc4b3baa15941a9e35
ee93e6845398f0a9f40076b5ec112708a0f15fe449780efa1b6b7ba86f3a9d48
eef1362e2dc6989ccf5c85a67be44a172b70cbbe74adc2da78bfc68e991c3070
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0bd4690251e5c8160cb7f363b6875636b2c8303fd5e1ec4c5aa6ce97ef2c437
f1473c9fb0736a769bd5fee12a77491be8243e28446766e5369d845a8c75176a
f817fb25f288bb8d554cc58b4513bd9e0fb4419b7f8659b58076658f9810aba3
f8d5d28c75e5bbd7c8bfc0aabc23f5c236700eba6dcc059791b624a60d851741
f95836cdd8c1af1d8261e8e198a4c1dd306e2b50ddc389fe820b56212a9cb17d
f9d9e96c4439beeca49a1a10f9dffe6f5cd0b604d13aa13af170d0bc62d8ca1b
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fe1a5b17ffd6abe803af0c0becda51ce7a78890783f61ba6ebbd0cf91119c3f3

arstechnica.com Open in urlscan Pro 3.130.39.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

312 Requests

97 %HTTPS

28 %IPv6

44 Domains

84 Subdomains

69 IPs

7 Countries

28537 kBTransfer

36538 kBSize

38 Cookies

66 Outgoing links

Page URL History

Redirected requests

312 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

arstechnica.com Open in urlscan Pro
3.130.39.244 Public Scan

Screenshot
Live screenshot

Full Image

312
Requests

97 %
HTTPS

28 %
IPv6

44
Domains

84
Subdomains

69
IPs

7
Countries

28537 kB
Transfer

36538 kB
Size

38
Cookies

312 HTTP transactions
11 data transactions