URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Submission: On September 21 via api from US

Summary

This website contacted 84 IPs in 8 countries across 69 domains to perform 243 HTTP transactions.
The main IP is 50.31.169.131, located in Bensenville, United States and belongs to SERVERCENTRAL - Server Central Network, US. The main domain is arstechnica.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 16th 2019. Valid for: 2 years.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
3 50.31.169.131 23352 (SERVERCEN...)
18 205.234.175.175 30081 (CACHENETW...)
3 2a00:1450:400... 15169 (GOOGLE)
3 143.204.211.231 16509 (AMAZON-02)
6 2.18.234.21 16625 (AKAMAI-AS)
11 2.18.235.40 16625 (AKAMAI-AS)
1 13.35.253.53 16509 (AMAZON-02)
2 2.18.232.23 16625 (AKAMAI-AS)
3 143.204.214.13 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 151.139.128.10 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 216.58.206.2 15169 (GOOGLE)
1 143.204.214.90 16509 (AMAZON-02)
2 2.18.234.190 16625 (AKAMAI-AS)
2 34.230.155.118 14618 (AMAZON-AES)
2 143.204.208.228 16509 (AMAZON-02)
1 52.19.1.241 16509 (AMAZON-02)
2 151.101.112.239 54113 (FASTLY)
1 178.250.0.130 44788 (ASN-CRITE...)
1 2 52.48.237.210 16509 (AMAZON-02)
1 18.130.191.22 16509 (AMAZON-02)
1 2 35.190.59.101 15169 (GOOGLE)
17 52.5.37.73 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
4 34.240.220.248 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 91.228.74.145 27281 (QUANTCAST)
1 46.228.164.13 56396 (TURN)
6 2a03:2880:f02... 32934 (FACEBOOK)
1 151.101.112.157 54113 (FASTLY)
1 13.35.253.13 16509 (AMAZON-02)
1 35.190.92.63 15169 (GOOGLE)
1 35.165.247.37 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 52.3.171.116 14618 (AMAZON-AES)
1 143.204.214.123 16509 (AMAZON-02)
2 52.239.137.4 8075 (MICROSOFT...)
1 3 23.43.115.95 20940 (AKAMAI-ASN1)
2 4 35.227.248.159 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
7 2.18.232.28 16625 (AKAMAI-AS)
1 2600:9000:205... 16509 (AMAZON-02)
1 35.190.40.172 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.222.173.197 14618 (AMAZON-AES)
2 64.202.112.95 22075 (AS-OUTBRAIN)
8 12 152.199.21.89 15133 (EDGECAST)
2 69.173.144.143 26667 (RUBICONPR...)
2 63.140.41.50 15224 (OMNITURE)
1 1 66.117.28.86 15224 (OMNITURE)
1 52.86.29.231 14618 (AMAZON-AES)
2 3.209.40.151 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.98.72.95 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 91.228.74.175 27281 (QUANTCAST)
1 2600:9000:205... 16509 (AMAZON-02)
1 104.244.42.69 13414 (TWITTER)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
20 143.204.208.59 16509 (AMAZON-02)
2 35.186.226.184 15169 (GOOGLE)
1 3 2a03:2880:f12... 32934 (FACEBOOK)
1 35.201.67.47 15169 (GOOGLE)
4 104.17.193.78 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
4 13.32.222.190 16509 (AMAZON-02)
1 151.101.14.2 54113 (FASTLY)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.43.201.83 16509 (AMAZON-02)
2 2 185.33.223.209 29990 (ASN-APPNEXUS)
7 35.161.253.167 16509 (AMAZON-02)
2 2 185.64.189.110 62713 (AS-PUBMATIC)
1 1 172.217.23.162 15169 (GOOGLE)
1 1 46.228.164.27 56396 (TURN)
2 2 18.195.155.181 16509 (AMAZON-02)
1 1 185.33.223.80 29990 (ASN-APPNEXUS)
5 13.32.218.236 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 54.69.119.154 16509 (AMAZON-02)
2 3.223.112.209 14618 (AMAZON-AES)
1 2 2a05:f500:10:... 14413 (LINKEDIN)
1 1 2a05:f500:10:... 14413 (LINKEDIN)
1 104.244.42.67 13414 (TWITTER)
1 2a03:2880:f02... ()
2 3.225.242.81 14618 (AMAZON-AES)
2 178.250.2.152 44788 (ASN-CRITE...)
243 84
Domain
Subdomains
Transfer
24 condenastdigital.com
21 KB
20 dwgyu36up6iuz.cloudfront.net
403 KB
18 arstechnica.net
1023 KB
12 advertising.com
7 KB
12 moatads.com
231 KB
10 ad.gt
14 KB
10 doubleclick.net
106 KB
8 outbrainimg.com
49 KB
7 google-analytics.com
21 KB
6 facebook.net
239 KB
6 skimresources.com
17 KB
5 dp8hsntg6do36.cloudfront.net
953 KB
5 polarcdn-terrax.com
17 KB
5 cnevids.com
60 KB
5 arstechnica.com
19 KB
4 d2c8v52ll5s99u.cloudfront.net
282 KB
4 polarcdn-pentos.com
928 B
4 casalemedia.com
7 KB
4 tapad.com
1 KB
4 quantserve.com
7 KB
4 demdex.net
9 KB
4 outbrain.com
46 KB
4 google.com
712 B
3 linkedin.com
2 KB
3 adnxs.com
3 KB
3 imasdk.googleapis.com
113 KB
3 facebook.com
524 B
3 parsely.com
1 KB
3 scorecardresearch.com
1 KB
3 medtargetsystem.com
52 KB
3 bounceexchange.com
90 KB
3 googlesyndication.com
0 B
3 google.de
391 B
3 amazon-adsystem.com
25 KB
3 googletagservices.com
72 KB
2 criteo.com
426 B
2 emxdgt.com
456 B
2 pubmatic.com
1 KB
2 snapchat.com
0 B
2 rubiconproject.com
3 KB
2 windows.net
25 KB
2 turn.com
1 KB
2 adsrvr.org
1014 B
2 d1z2jf7jlzjs58.cloudfront.net
19 KB
2 mediavoice.com
125 KB
2 adobedtm.com
42 KB
2 actionbutton.co
17 KB
2 indexww.com
30 KB
1 atdmt.com
405 B
1 twitter.com
222 B
1 onetrust.com
324 B
1 2mdn.net
10 KB
1 jquery.com
30 KB
1 plrsrvcs.com
3 KB
1 t.co
449 B
1 quantcount.com
2 KB
1 polarcdn.com
118 KB
1 everesttech.net
470 B
1 consensu.org
636 B
1 sc-static.net
6 KB
1 licdn.com
5 KB
1 sail-horizon.com
42 KB
1 ads-twitter.com
2 KB
1 criteo.net
27 KB
1 zqtk.net
958 B
1 arsdev.net
339 B
1 googletagmanager.com
65 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
0 B
0 rkdms.com Failed
mid.rkdms.com Failed
0 B
243 69
Domain Requested by
20 dwgyu36up6iuz.cloudfront.net arstechnica.com
d2c8v52ll5s99u.cloudfront.net
18 cdn.arstechnica.net arstechnica.com
cdn.arstechnica.net
17 capture.condenastdigital.com arstechnica.com
12 adserver-us.adtech.advertising.com 8 redirects arstechnica.com
8 px.moatads.com arstechnica.com
7 ids.ad.gt arstechnica.com
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
arstechnica.com
7 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
arstechnica.com
6 images.outbrainimg.com arstechnica.com
6 connect.facebook.net arstechnica.com
connect.facebook.net
d2c8v52ll5s99u.cloudfront.net
5 dp8hsntg6do36.cloudfront.net arstechnica.com
d2c8v52ll5s99u.cloudfront.net
5 polarcdn-terrax.com cdn.mediavoice.com
plugin.mediavoice.com
static.polarcdn.com
arstechnica.com
4 d2c8v52ll5s99u.cloudfront.net player.cnevids.com
imasdk.googleapis.com
d2c8v52ll5s99u.cloudfront.net
4 polarcdn-pentos.com static.polarcdn.com
4 as-sec.casalemedia.com js-sec.indexww.com
4 pixel.tapad.com 2 redirects arstechnica.com
3 imasdk.googleapis.com player.cnevids.com
imasdk.googleapis.com
3 www.facebook.com 1 redirects arstechnica.com
connect.facebook.net
3 pixel.quantserve.com arstechnica.com
3 sb.scorecardresearch.com 1 redirects arstechnica.com
www.googletagmanager.com
3 www.medtargetsystem.com arstechnica.com
www.medtargetsystem.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
3 player.cnevids.com arstechnica.com
cdn.arstechnica.net
player.cnevids.com
3 z.moatads.com arstechnica.com
securepubads.g.doubleclick.net
d2c8v52ll5s99u.cloudfront.net
3 c.amazon-adsystem.com arstechnica.com
c.amazon-adsystem.com
3 www.googletagservices.com arstechnica.com
securepubads.g.doubleclick.net
3 arstechnica.com arstechnica.com
cdn.arstechnica.net
2 bidder.criteo.com static.criteo.net
2 wren.condenastdigital.com cdn.arstechnica.net
2 px.ads.linkedin.com 1 redirects
2 srv-2019-09-21-12.pixel.parsely.com arstechnica.com
2 cs.emxdgt.com 2 redirects
2 image2.pubmatic.com 2 redirects
2 secure.adnxs.com 2 redirects
2 tr.snapchat.com sc-static.net
2 assets.bounceexchange.com tag.bounceexchange.com
assets.bounceexchange.com
2 4d.condenastdigital.com pixel.condenastdigital.com
2 sstats.arstechnica.com arstechnica.com
2 condenast.demdex.net arstechnica.com
2 fastlane.rubiconproject.com js-sec.indexww.com
2 optanon.blob.core.windows.net www.googletagmanager.com
optanon.blob.core.windows.net
2 dpm.demdex.net arstechnica.com
2 p.skimresources.com arstechnica.com
2 r.skimresources.com 1 redirects arstechnica.com
2 match.adsrvr.org 1 redirects js-sec.indexww.com
2 pixel.condenastdigital.com arstechnica.com
2 d1z2jf7jlzjs58.cloudfront.net arstechnica.com
d1z2jf7jlzjs58.cloudfront.net
2 api.cnevids.com cdn.arstechnica.net
2 widgets.outbrain.com cdn.arstechnica.net
widgets.outbrain.com
2 adservice.google.com www.googletagservices.com
imasdk.googleapis.com
2 assets.adobedtm.com arstechnica.com
assets.adobedtm.com
2 js-sec.indexww.com arstechnica.com
1 pubads.g.doubleclick.net d2c8v52ll5s99u.cloudfront.net
1 cx.atdmt.com
1 analytics.twitter.com static.ads-twitter.com
1 www.linkedin.com 1 redirects
1 pixels.ad.gt p.ad.gt
1 mcdp-nydc1.outbrain.com widgets.outbrain.com
1 geolocation.onetrust.com code.jquery.com
1 ib.adnxs.com 1 redirects
1 sd.turn.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 p.ad.gt a.ad.gt
1 s0.2mdn.net imasdk.googleapis.com
1 code.jquery.com optanon.blob.core.windows.net
1 odb.outbrain.com widgets.outbrain.com
1 bw-prod.plrsrvcs.com static.polarcdn.com
1 t.skimresources.com s.skimresources.com
1 www.google.de arstechnica.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 t.co arstechnica.com
1 rules.quantcount.com secure.quantserve.com
1 static.polarcdn.com securepubads.g.doubleclick.net
1 ampcid.google.de www.google-analytics.com
1 infinityid.condenastdigital.com pixel.condenastdigital.com
1 cm.everesttech.net 1 redirects
1 log.outbrainimg.com widgets.outbrain.com
1 srv-2019-09-21-12.config.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 ampcid.google.com www.google-analytics.com
1 api.skimlinks.mgr.consensu.org s.skimresources.com
1 prod-native.actionbutton.co embed.actionbutton.co
1 tcheck.outbrainimg.com widgets.outbrain.com
1 plugin.mediavoice.com cdn.mediavoice.com
1 sc-static.net arstechnica.com
1 snap.licdn.com arstechnica.com
1 a.ad.gt www.googletagmanager.com
1 tag.bounceexchange.com arstechnica.com
1 ak.sail-horizon.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 d.turn.com arstechnica.com
1 secure.quantserve.com www.googletagmanager.com
1 mb.moatads.com z.moatads.com
1 static.criteo.net js-sec.indexww.com
1 segment-data.zqtk.net arstechnica.com
1 cdn.accelerator.arsdev.net cdn.arstechnica.net
1 adservice.google.de www.googletagservices.com
1 www.googletagmanager.com arstechnica.com
1 s.skimresources.com arstechnica.com
1 cdn.mediavoice.com arstechnica.com
1 embed.actionbutton.co arstechnica.com
0 api.rlcdn.com Failed js-sec.indexww.com
0 mid.rkdms.com Failed js-sec.indexww.com
243 103
Subject / Issuer Validity Valid
*.arstechnica.com
Sectigo RSA Domain Validation Secure Server CA
2019-01-16 -
2021-01-15
2 years
*.cachefly.net
GlobalSign RSA OV SSL CA 2018
2019-09-18 -
2021-10-29
2 years
*.g.doubleclick.net
GTS CA 1O1
2019-09-05 -
2019-11-28
3 months
c.amazon-adsystem.com
Amazon
2018-12-18 -
2019-11-21
a year
san.casalemedia.com
GeoTrust RSA CA 2018
2019-07-17 -
2020-03-09
8 months
moatads.com
DigiCert ECC Secure Server CA
2018-11-10 -
2020-02-09
a year
*.actionbutton.co
Go Daddy Secure Certificate Authority - G2
2019-06-25 -
2020-06-27
a year
assets.adobedtm.com
DigiCert SHA2 High Assurance Server CA
2019-06-27 -
2021-07-01
2 years
*.cnevids.com
Trusted Secure Certificate Authority 5
2017-01-10 -
2020-01-10
3 years
ssl962336.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-01-25 -
2019-12-11
a year
*.skimresources.com
DigiCert SHA2 Secure Server CA
2018-09-13 -
2020-10-07
2 years
*.google-analytics.com
GTS CA 1O1
2019-09-05 -
2019-11-28
3 months
*.google.com
GTS CA 1O1
2019-09-05 -
2019-11-28
3 months
*.accelerator.arsdev.net
Amazon
2019-08-22 -
2020-09-22
a year
*.outbrain.com
DigiCert SHA2 Secure Server CA
2018-12-14 -
2020-03-14
a year
*.cloudfront.net
DigiCert Global CA G2
2019-07-17 -
2020-07-05
a year
*.zqtk.net
COMODO RSA Domain Validation Secure Server CA
2018-08-09 -
2020-08-24
2 years
condenast.com
GlobalSign CloudSSL CA - SHA256 - G3
2019-09-10 -
2020-08-07
a year
*.criteo.net
DigiCert ECC Secure Server CA
2019-03-26 -
2020-03-30
a year
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1
2019-03-07 -
2021-04-19
2 years
*.moatads.com
DigiCert SHA2 Secure Server CA
2019-03-12 -
2021-06-10
2 years
tpc.googlesyndication.com
GTS CA 1O1
2019-09-05 -
2019-11-28
3 months
*.demdex.net
DigiCert SHA2 High Assurance Server CA
2018-01-09 -
2021-02-12
3 years
*.quantserve.com
DigiCert SHA2 High Assurance Server CA
2018-10-16 -
2019-10-21
a year
*.turn.com
DigiCert SHA2 Secure Server CA
2019-01-25 -
2020-03-31
a year
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-08-24 -
2019-10-19
2 months
ads-twitter.com
DigiCert SHA2 High Assurance Server CA
2019-08-14 -
2020-08-18
a year
ak.sail-horizon.com
Amazon
2019-03-06 -
2020-04-06
a year
tag.bounceexchange.com
Let's Encrypt Authority X3
2019-08-25 -
2019-11-23
3 months
*.ad.gt
Amazon
2019-07-06 -
2020-08-06
a year
*.licdn.com
DigiCert SHA2 Secure Server CA
2019-04-01 -
2021-05-07
2 years
medtargetsystem.com
Amazon
2018-11-23 -
2019-12-23
a year
sc-static.net
DigiCert SHA2 Secure Server CA
2019-03-11 -
2021-03-15
2 years
*.blob.core.windows.net
Microsoft IT TLS CA 5
2019-05-01 -
2021-05-01
2 years
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA
2018-11-28 -
2019-12-26
a year
*.tapad.com
DigiCert SHA2 Secure Server CA
2018-01-17 -
2019-11-02
2 years
ssl446800.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-09-13 -
2020-03-21
6 months
*.outbrainimg.com
DigiCert SHA2 Secure Server CA
2019-02-24 -
2020-05-25
a year
api.skimlinks.mgr.consensu.org
DigiCert SHA2 Secure Server CA
2018-08-15 -
2019-10-23
a year
*.config.parsely.com
Amazon
2019-02-27 -
2020-03-27
a year
*.adtech.advertising.com
DigiCert SHA2 High Assurance Server CA
2018-05-22 -
2020-05-26
2 years
*.rubiconproject.com
DigiCert SHA2 Secure Server CA
2019-01-10 -
2021-01-14
2 years
sstats.arstechnica.com
DigiCert SHA2 High Assurance Server CA
2019-03-03 -
2020-06-05
a year
*.conde.io
Amazon
2019-06-03 -
2020-07-03
a year
assets.bounceexchange.com
Let's Encrypt Authority X3
2019-08-13 -
2019-11-11
3 months
ssl962736.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2018-12-19 -
2019-12-11
a year
t.co
DigiCert SHA2 High Assurance Server CA
2019-04-09 -
2020-04-01
a year
www.google.de
GTS CA 1O1
2019-09-05 -
2019-11-28
3 months
tr.snapchat.com
DigiCert SHA2 Secure Server CA
2019-02-19 -
2021-02-23
2 years
ssl887612.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-08-29 -
2020-03-06
6 months
ssl880796.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-07-31 -
2020-02-06
6 months
*.googleapis.com
GTS CA 1O1
2019-09-05 -
2019-11-28
3 months
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-07-30 -
2020-07-25
a year
jquery.org
COMODO RSA Domain Validation Secure Server CA
2018-10-17 -
2020-10-16
2 years
*.doubleclick.net
GTS CA 1O1
2019-09-05 -
2019-11-28
3 months
*.onetrust.com
DigiCert SHA2 Secure Server CA
2018-03-12 -
2020-06-14
2 years
*.pixel.parsely.com
Amazon
2019-02-27 -
2020-03-27
a year
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2019-05-29 -
2021-06-29
2 years
*.twitter.com
DigiCert SHA2 High Assurance Server CA
2019-04-09 -
2020-04-01
a year
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA
2019-07-11 -
2019-10-09
3 months
*.criteo.com
DigiCert ECC Secure Server CA
2019-03-28 -
2020-04-01
a year

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

243 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities
45 KB
15 KB
Document
General
Full URL
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.31.169.131 Bensenville, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
ge-11-2-1.ar10.ord6.us.scnet.net
Software
nginx /
Resource Hash
9fb5959751e5892826f389f904017520d102cb81c2ab8f98932cf9ac415f21a4
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
arstechnica.com
:scheme
https
:path
/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
server
nginx
date
Sat, 21 Sep 2019 12:21:56 GMT
content-type
text/html; charset=UTF-8
link
<https://arstechnica.com/wp-json/>; rel="https://api.w.org/"
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
x-ars-server
web209
content-encoding
gzip
main-da8ee106a4.css
cdn.arstechnica.net/wp-content/themes/ars/assets/css
341 KB
71 KB
Stylesheet
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-da8ee106a4.css
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
1a33134313364da630ab0d7c845a2167e97ecda944d688282bb1dd2e2fc152bf

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
content-encoding
gzip
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fC.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
72015
x-cf-tsc
1565806675
x-cf2
H
last-modified
Wed, 14 Aug 2019 18:14:26 GMT
server
CFS 0215
x-cff
B
etag
W/"5d544f82-552e7"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
0
accept-ranges
bytes
expires
Sat, 16 Nov 2019 12:21:56 GMT
gpt.js
www.googletagservices.com/tag/js
44 KB
14 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0b927a10da91a14ea79de644a66855b909fd89bd6143da1aa9e0232b34941e52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"285 / 385 of 1000 / last-modified: 1568909646"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
14309
x-xss-protection
0
expires
Sat, 21 Sep 2019 12:21:56 GMT
Adblocked apstag.js
c.amazon-adsystem.com/aax2
75 KB
22 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.211.231 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-211-231.fra53.r.cloudfront.net
Software
Server /
Resource Hash
f31d00a72b38535ab0e9615410790bdd191ce7247198d172e7dcfd6913dbb70f
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Sep 2019 17:15:33 GMT
content-encoding
gzip
server
Server
age
68782
etag
cb11f28997167e6ef1527a7077c2cf8c
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
F6rOI5LgtOzD1EA2GoTliCpvUKUBgAX2am5gA4WwNO0Tc26AkWCo5g==
via
1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
Adblocked 183973-1558632223658.js
js-sec.indexww.com/ht/p
108 KB
30 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/183973-1558632223658.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c200e340ee2c24bb3d9585b2f158ef5feb0d0ea464a98e961918eff0cd086651
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 12:21:56 GMT
Content-Encoding
gzip
Last-Modified
Sat, 21 Sep 2019 11:56:06 GMT
Server
Apache
ETag
"da2fbb-1ae57-5930edf321bd0"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2343
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
30351
Expires
Sat, 21 Sep 2019 13:00:59 GMT
Adblocked moatheader.js
z.moatads.com/condenastprebidheader987326845656
85 KB
33 KB
Script
General
Full URL
https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a4b1778a87595cf9ae9f5895ec53d8d0c7b14bcd2b8e83e97205de93d9e2d302
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 12:21:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Jun 2019 22:46:08 GMT
Server
AmazonS3
x-amz-request-id
51EAAEE1F3A29B96
ETag
"72a5c50e4e39e0e8cb0219a5569deff3"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=41697
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32968
x-amz-id-2
F2Qao5shCYQu5cyq2mkNzxqmDgSvsHK2qYzrkz+Di8nW/PuM/rPl05Z4Q7PUU1iE5krHHF6wvyU=
ars-technica.min.js
cdn.arstechnica.net/cns
124 KB
40 KB
Script
General
Full URL
https://cdn.arstechnica.net/cns/ars-technica.min.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
4704fca31cd15f83a91c67e58a9acd46cf491d78fb2e2f8a6be760c8ae8cee7f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
content-encoding
gzip
x-cf3
H
x-amz-request-id
AF8E2689A2CAEBF5
x-cf1
14961:fC.fra2:co:1565891882:cacheN.fra2-01:H
status
200
x-cache-hits
1
content-length
40704
x-amz-id-2
q0AtTMdtqNrlc4NzqqqpGDhtMvR+f99cqQVy0G7JuIhrUoUmaYeOSbf9leXue/aEoV2Ai8YMpnQ=
x-cf-tsc
1565891888
cf4ttl
120.500
x-cf2
H
last-modified
Wed, 14 Aug 2019 18:21:19 GMT
server
CFS 0215
x-timer
S1565891884.224418,VS0,VE1
x-cff
B
etag
"b8d20846df2b07a8b4072cb23bafe08d"
x-served-by
cache-mdw17351-MDW
vary
Accept-Encoding
x-amz-version-id
bdz._zghS79PEfT1GhkY3IJ8qXL9HWZY
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
5
accept-ranges
bytes
content-type
application/javascript
x-cf-rand
1.472
expires
Sat, 16 Nov 2019 12:21:56 GMT
ars-bcfee6c82a.ads.us.js
/wp-content/themes/ars/assets/js
4 KB
2 KB
Script
General
Full URL
https://arstechnica.com/wp-content/themes/ars/assets/js/ars-bcfee6c82a.ads.us.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.31.169.131 Bensenville, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
ge-11-2-1.ar10.ord6.us.scnet.net
Software
nginx /
Resource Hash
032027ea92b8b014594b64b514f922a12029c27c3dc27e5c11b09eabfaf810c3
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 20 Sep 2019 18:52:08 GMT
server
nginx
etag
W/"5d851fd8-e66"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
strict-transport-security
max-age=300
x-ars-server
web209
x-xss-protection
1; mode=block
payment-cards.jpg
cdn.arstechnica.net/wp-content/uploads/2018/02
120 KB
121 KB
Image
General
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2018/02/payment-cards.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
c38d95884d6a6a11b88bb984c881bd0665cdc1d7797110748d82b39b3d913523

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fC.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
123301
x-cf-tsc
1568973752
x-cf2
H
last-modified
Wed, 07 Feb 2018 20:00:21 GMT
server
CFS 0215
x-cff
B
etag
"5a7b5ad5-1e1a5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
25
accept-ranges
bytes
x-cf-rand
8.510
expires
Sat, 16 Nov 2019 12:21:56 GMT
click2gov-cities-640x342.png
cdn.arstechnica.net/wp-content/uploads/2019/09
237 KB
237 KB
Image
General
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2019/09/click2gov-cities-640x342.png
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
9e22d4c8cfc95a7cae7f798a4d1c2a0f48a299b2fdc152954c35ef3ee368a6bc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fC.fra2:co:1525808045:cacheN.fra2-01:M
status
200
content-length
242351
x-cf-tsc
1569062449
x-cf2
H
last-modified
Fri, 20 Sep 2019 00:27:57 GMT
server
CFS 0215
x-cff
B
etag
"5d841d0d-3b2af"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
747
accept-ranges
bytes
x-cf-rand
4.483
expires
Sat, 16 Nov 2019 12:21:56 GMT
main-76b95056cc.js
cdn.arstechnica.net/wp-content/themes/ars/assets/js
650 KB
212 KB
Script
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-76b95056cc.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
c93eb99f954616977c62d3a21ac7705d3f23af66301d2082460e59d7a04053c4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
content-encoding
gzip
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fC.fra2:co:1566221163:cacheN.fra2-01:H
status
200
content-length
216263
x-cf-tsc
1566221165
x-cf2
H
last-modified
Mon, 19 Aug 2019 13:22:54 GMT
server
CFS 0215
x-cff
B
etag
W/"5d5aa2ae-a2617"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
0
accept-ranges
bytes
expires
Sat, 16 Nov 2019 12:21:56 GMT
Adblocked widget.min.js
embed.actionbutton.co/widget
53 KB
17 KB
Script
General
Full URL
https://embed.actionbutton.co/widget/widget.min.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.53 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-53.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7aa953d2324b58988b7c3829dd3f8505ae7ac5ea94c76debb7ea9fbf8422172
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 16:24:21 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 11 Sep 2019 16:23:06 GMT
Server
AmazonS3
Age
71856
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
Cache-Control
no-cache
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
MHhglTS0cCrPvUXpIOtTYbSyYvwbKnyWaUcibpV5YzbuMwIM5L3zeA==
Adblocked satelliteLib-56a425e07376b6977c987d46ef46ba636a6e2036.js
assets.adobedtm.com/6372cf21ef88ee60bc2977a4898dcb5c7945a212
74 KB
23 KB
Script
General
Full URL
https://assets.adobedtm.com/6372cf21ef88ee60bc2977a4898dcb5c7945a212/satelliteLib-56a425e07376b6977c987d46ef46ba636a6e2036.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
27ee41d3fd05096e2e40507d7d1b6edfb71423aaaea35cfe24d0be18b6eeb006
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
content-encoding
gzip
last-modified
Wed, 15 May 2019 19:02:35 GMT
server
Apache
etag
"262b5b65e9b10aa157d4be8da094be2d:1557946955"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
23282
expires
Sat, 21 Sep 2019 13:21:56 GMT
arstechnica.js
player.cnevids.com/interlude
109 KB
28 KB
Script
General
Full URL
https://player.cnevids.com/interlude/arstechnica.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-13.fra53.r.cloudfront.net
Software
nginx/1.14.1 /
Resource Hash
b7b0772e3a20ffcda7bca20f04555ad1c1fb4f31837b1263e904f2c6c76b94d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 12:21:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Age
1
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Status
200 OK
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
66781033-45c6-4c23-a183-9bf26f97b65b
X-Runtime
0.016137
X-Backend-Node
10.110.29.24
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.14.1
ETag
W/"f3ae3a0568a70af80fd67c8c5a30b27e"
X-Download-Options
noopen
Vary
Origin,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
Cache-Control
max-age=0, private, must-revalidate
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
5Ih1IgBAyEnfCrGSZNXXOD016dhhcBBFALFDebMZzk9I-2WRuVDTRw==
Adblocked conde-asa-polar-master.js
cdn.mediavoice.com/nativeads/script/condenastcorporate
5 KB
2 KB
Script
General
Full URL
https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d983 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
030e91b7512dbb40e9b9057f20bcf54c296a7f28c04bbcde0f2d2706dd2a3a06
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4207
cf-ray
519c0075f856cb9c-VIE
status
200
cf-ipcountry
DE
x-country
DE
content-length
2018
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
1444178030 1443900778
via
1.1 varnish
cache-control
max-age=21600
accept-ranges
bytes
content-type
text/javascript
Adblocked 100098X1555750.skimlinks.js
s.skimresources.com/js
38 KB
15 KB
Script
General
Full URL
https://s.skimresources.com/js/100098X1555750.skimlinks.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d4fda32f839417b9566fb9aee1ad2361f6d3b6c41565e657384d05895a38b111
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
content-encoding
gzip
last-modified
Thu, 19 Sep 2019 13:20:21 GMT
server
AmazonS3
x-amz-request-id
E3A3E815DAE40864
etag
"4325a545244304ab19cf89151b9dbf7e"
x-hw
1569068516.cds013.pa1.hn,1569068516.cds024.pa1.c
content-type
application/octet-stream
status
200
cache-control
max-age=3600
accept-ranges
bytes
content-length
14923
x-amz-id-2
nqaszZ75Wbz1HoWjqs2xrHXtNERXyzyzHCtdasW0VQi2zDar3WmZPfKaf0QCV6k+qJcj8T14Vg4=
Adblocked gtm.js?id=GTM-NLXNPCQ
www.googletagmanager.com
269 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
307ff27335352e971153e98056aa33de4b6858c566bdd6ca84df0720e6100165
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
content-encoding
br
last-modified
Sat, 21 Sep 2019 12:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
66661
x-xss-protection
0
expires
Sat, 21 Sep 2019 12:21:56 GMT
Adblocked integrator.js?domain=arstechnica.com
adservice.google.de/adsid
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=arstechnica.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 21 Sep 2019 12:21:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
Adblocked integrator.js?domain=arstechnica.com
adservice.google.com/adsid
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arstechnica.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 21 Sep 2019 12:21:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
Adblocked pubads_impl_2019091901.js
securepubads.g.doubleclick.net/gpt
156 KB
58 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
sffe /
Resource Hash
c77635c1d346c5471d294f59d0c4ef11f71c21f94e82087cbd99984c9aaa3cda
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Sep 2019 13:07:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
58568
x-xss-protection
0
expires
Sat, 21 Sep 2019 12:21:56 GMT
Adblocked aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.211.231 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-211-231.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Sec-Fetch-Mode
cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 20:18:21 GMT
content-encoding
gzip
vary
Origin
age
57815
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Fri, 24 Aug 2018 07:13:51 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
T6TaUBnXLIjxIxAOOCGMdzADZVy02XV2hDlcIaAmTE5XUQnFqt9l1w==
Adblocked https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F09%2Fpayment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities%2F
cdn.accelerator.arsdev.net/h
30 B
339 B
Script
General
Full URL
https://cdn.accelerator.arsdev.net/h/https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F09%2Fpayment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities%2F
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/ars-technica.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.90 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-90.fra53.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.9
Resource Hash
53ee3bc89e873d6707cafffeb0a4fb1d36ee86ae8f76050628d3f4e27b5c7740
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:25:02 GMT
via
1.1 d7524ff4a82155dd51a24800cf39deec.cloudfront.net (CloudFront)
server
nginx/1.4.6 (Ubuntu)
age
16
x-powered-by
PHP/5.5.9-1ubuntu4.9
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=300, public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
aSX_N0N8lk78gxjszlaEh72rnLF-eWsit99T5rk8TthVE4Z6VesyTw==
ads.js
/hotzones/src
0
517 B
XHR
General
Full URL
https://arstechnica.com/hotzones/src/ads.js
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/ars-technica.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.31.169.131 Bensenville, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
ge-11-2-1.ar10.ord6.us.scnet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
x-content-type-options
nosniff
last-modified
Fri, 20 Sep 2019 18:50:42 GMT
server
nginx
etag
"5d851f82-0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
content-length
0
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
strict-transport-security
max-age=300
accept-ranges
bytes
x-ars-server
web209
x-xss-protection
1; mode=block
data:truncated
data:truncated
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78c8c364b438f0be81f1c51627902fda95b7aebdd2c04aee28c2f72cd4390207

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
data:truncated
data:truncated
357 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f95836cdd8c1af1d8261e8e198a4c1dd306e2b50ddc389fe820b56212a9cb17d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
economica-bold-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts
25 KB
25 KB
Font
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-bold-otf-webfont.woff2
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
5315cf641e62ac7de4a82e6003cc1bd1ff09218400d8ff5286c951e25aee966b

Request headers

Sec-Fetch-Mode
cors
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-da8ee106a4.css
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
25592
x-cf-tsc
1561863055
x-cf2
H
last-modified
Tue, 25 Jun 2019 14:52:45 GMT
server
CFS 0215
x-cff
B
etag
"5d12353d-63f8"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
0
accept-ranges
bytes
expires
Sat, 16 Nov 2019 12:21:56 GMT
economica-regular-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts
24 KB
24 KB
Font
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-regular-otf-webfont.woff2
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
c14a030b0b5ef06f710d9bbff164662d4b43c037e62f254aa6280504013caa34

Request headers

Sec-Fetch-Mode
cors
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-da8ee106a4.css
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
24264
x-cf-tsc
1561863055
x-cf2
H
last-modified
Tue, 25 Jun 2019 14:52:45 GMT
server
CFS 0215
x-cff
B
etag
"5d12353d-5ec8"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
0
accept-ranges
bytes
expires
Sat, 16 Nov 2019 12:21:56 GMT
data:truncated
data:truncated
279 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ecbfb541946a9a9437190a21d98e1c7ab7d863837d7d038a9a1e053c649c8ba

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
data:truncated
data:truncated
400 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f261533d4b74ae931965cf3609bf47bb55001e39eb7029502d96cec73c4749a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
data:truncated
data:truncated
700 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ab499494548829e507e9b6cd57247a6cd565e7f1bc6eb55e3da445af76f1f0c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
data:truncated
data:truncated
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49282a74c6ced31e99f808232188ade8d82652004df4d664dcdb98c32563dd39

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
data:truncated
data:truncated
841 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
039f13cdf684666dd973e2385f773385adb074039e8a832ec48e1ae35fb20c15

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
blockquote-afedeab761.svg
cdn.arstechnica.net/wp-content/themes/ars/assets/img
419 B
756 B
Image
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/img/blockquote-afedeab761.svg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
8edcf5bd609aef18638950de010699cd2765ef88aba3d019feb51a4271807662

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-da8ee106a4.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fC.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
419
x-cf-tsc
1565079013
x-cf2
H
last-modified
Fri, 26 Jul 2019 16:19:52 GMT
server
CFS 0215
x-cff
B
etag
"5d3b2828-1a3"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
16211
accept-ranges
bytes
x-cf-rand
0.064
expires
Sat, 16 Nov 2019 12:21:56 GMT
Dang.jpg
cdn.arstechnica.net/wp-content/uploads/2018/10
90 KB
91 KB
Image
General
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2018/10/Dang.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fC.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
92486
x-cf-tsc
1568078289
x-cf2
H
last-modified
Mon, 08 Oct 2018 19:35:22 GMT
server
CFS 0215
x-cff
B
etag
"5bbbb17a-16946"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
3214
accept-ranges
bytes
x-cf-rand
8.309
expires
Sat, 16 Nov 2019 12:21:56 GMT
channel-ars-be7bb52ba9.png
cdn.arstechnica.net/wp-content/themes/ars/assets/img
5 KB
5 KB
Image
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/img/channel-ars-be7bb52ba9.png
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
08ed3bf6e73a999bafb422b878fb05b87269b00a65230c9457ce75aee10b873e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-da8ee106a4.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fC.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
4809
x-cf-tsc
1562369818
x-cf2
H
last-modified
Tue, 25 Jun 2019 14:52:45 GMT
server
CFS 0215
x-cff
B
etag
"5d12353d-12c9"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
0
accept-ranges
bytes
expires
Sat, 16 Nov 2019 12:21:56 GMT
data:truncated
data:truncated
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c7f2558d7005dc61e343b6abb61a63da8ace760a0fdd45cb0cc124b0de5b4c2f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
data:truncated
data:truncated
18 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62c7d2da9a5942053f17c9756e53b7cda414541619bd35c2b1441cd88c77f235

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
data:truncated
data:truncated
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ec4b6769730ca98db1f40b152c52bd5bec01f61f559fb92709c307750388ac8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
opensans-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts
18 KB
19 KB
Font
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-regular-webfont.woff2
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
caa3854f28740fa98125ded826446ee4456379e8ad7c4ff46643347d1901506a

Request headers

Sec-Fetch-Mode
cors
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-da8ee106a4.css
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
18824
x-cf-tsc
1561863055
x-cf2
H
last-modified
Tue, 25 Jun 2019 14:52:45 GMT
server
CFS 0215
x-cff
B
etag
"5d12353d-4988"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
0
accept-ranges
bytes
expires
Sat, 16 Nov 2019 12:21:56 GMT
bitter-italic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts
24 KB
24 KB
Font
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-italic-webfont.woff2
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
1193e934b76ed372f47e23f78f8a13e99d9588e564aff866e8f700e7a0650a83

Request headers

Sec-Fetch-Mode
cors
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-da8ee106a4.css
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
24212
x-cf-tsc
1561917085
x-cf2
H
last-modified
Tue, 25 Jun 2019 14:52:45 GMT
server
CFS 0215
x-cff
B
etag
"5d12353d-5e94"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
0
accept-ranges
bytes
expires
Sat, 16 Nov 2019 12:21:56 GMT
bitter-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts
22 KB
23 KB
Font
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-regular-webfont.woff2
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
0186840386391fa2c0750ff7450a78e066498ba3274546a6fcf0fa9c55cd457c

Request headers

Sec-Fetch-Mode
cors
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-da8ee106a4.css
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
22872
x-cf-tsc
1561863055
x-cf2
H
last-modified
Tue, 25 Jun 2019 14:52:45 GMT
server
CFS 0215
x-cff
B
etag
"5d12353d-5958"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
0
accept-ranges
bytes
expires
Sat, 16 Nov 2019 12:21:56 GMT
opensans-semibold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts
19 KB
19 KB
Font
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibold-webfont.woff2
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
1f9cd4a445ba85172da6090dd7b95edf55fd9e81ddb193e0b78093c1afa84378

Request headers

Sec-Fetch-Mode
cors
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-da8ee106a4.css
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
18972
x-cf-tsc
1562205866
x-cf2
H
last-modified
Tue, 25 Jun 2019 14:52:45 GMT
server
CFS 0215
x-cff
B
etag
"5d12353d-4a1c"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
0
accept-ranges
bytes
expires
Sat, 16 Nov 2019 12:21:56 GMT
opensans-semibolditalic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts
20 KB
21 KB
Font
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibolditalic-webfont.woff2
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
59201950b83489808587827b4050ffe0597992825daa88c227476cdbbf8ca282

Request headers

Sec-Fetch-Mode
cors
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-da8ee106a4.css
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
20872
x-cf-tsc
1562205866
x-cf2
H
last-modified
Tue, 25 Jun 2019 14:52:45 GMT
server
CFS 0215
x-cff
B
etag
"5d12353d-5188"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
0
accept-ranges
bytes
expires
Sat, 16 Nov 2019 12:21:56 GMT
opensans-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts
19 KB
19 KB
Font
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-bold-webfont.woff2
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
86096831a70c72ac0c08f5e65ae92d98330d9fd2b7511dde65ff50b8a16bfd9a

Request headers

Sec-Fetch-Mode
cors
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-da8ee106a4.css
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
19516
x-cf-tsc
1562369864
x-cf2
H
last-modified
Tue, 25 Jun 2019 14:52:45 GMT
server
CFS 0215
x-cff
B
etag
"5d12353d-4c3c"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
0
accept-ranges
bytes
expires
Sat, 16 Nov 2019 12:21:56 GMT
bitter-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts
22 KB
22 KB
Font
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-bold-webfont.woff2
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
807271433f80bb33654a84ec904035be3d2b34e505a051e3469a47fe39ccb752

Request headers

Sec-Fetch-Mode
cors
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-da8ee106a4.css
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
22104
x-cf-tsc
1562368897
x-cf2
H
last-modified
Tue, 25 Jun 2019 14:52:45 GMT
server
CFS 0215
x-cff
B
etag
"5d12353d-5658"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
0
accept-ranges
bytes
expires
Sat, 16 Nov 2019 12:21:56 GMT
Adblocked outbrain.js?_=1569068516748
widgets.outbrain.com
105 KB
36 KB
Script
General
Full URL
https://widgets.outbrain.com/outbrain.js?_=1569068516748
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-76b95056cc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a7f73f323b3e2c8aedab7e6fa23024fba37251d8fa3fd6865868b88bdc9ddf64
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 12:21:56 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Sep 2019 11:07:06 GMT
Server
Apache
ETag
"3d433d86b4c06d8a26c96ec5e49790e1:1568618558"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=14400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
36517
video_groups?filters=%7B%22channel_key%22:%22arstechnica%22%7D&pagesize=20&endpoint=oo.arstechnica
api.cnevids.com/v1
4 KB
1 KB
XHR
General
Full URL
https://api.cnevids.com/v1/video_groups?filters={%22channel_key%22:%22arstechnica%22}&pagesize=20&endpoint=oo.arstechnica
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-76b95056cc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.155.118 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-230-155-118.compute-1.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
6d6d1626a30434505662ec095a8c016ad10b63e2e3d8f0ab084f4d6b35c2c5f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/*
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Sat, 21 Sep 2019 12:21:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Status
200 OK
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
658
X-XSS-Protection
1; mode=block
X-Request-Id
d559c28f-00e2-4aad-9b72-2a7a4a1147c3
X-Runtime
0.002065
X-Backend-Node
10.110.44.187
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.14.1
X-Frame-Options
SAMEORIGIN
ETag
W/"281c12d0f3e096530fa49b33055cfb7e"
X-Download-Options
noopen
Vary
Accept-Encoding, Origin
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
max-age=0, private, must-revalidate
Adblocked p.js
d1z2jf7jlzjs58.cloudfront.net
6 KB
3 KB
Script
General
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.228 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-228.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
725913eab3460e2955a8ac4ec176f902c7d8d2db60757248b735cbf8698b0749
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 00:42:06 GMT
Content-Encoding
gzip
Age
41990
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Pragma
public
Last-Modified
Fri, 07 Mar 2014 00:45:07 GMT
Server
nginx
ETag
W/"53191693-19c1"
Content-Type
application/x-javascript
Via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
BIMlW--Y5HXML6_P0jSFfv8gNq7X7YbemsPffSqc2hEdxR1yM8EJtA==
Expires
Sat, 21 Sep 2019 00:42:06 GMT
s-code-contents-566dcf5046f148f38d0aa32bf73df40db7ae7768.js
assets.adobedtm.com/6372cf21ef88ee60bc2977a4898dcb5c7945a212
67 KB
19 KB
Script
General
Full URL
https://assets.adobedtm.com/6372cf21ef88ee60bc2977a4898dcb5c7945a212/s-code-contents-566dcf5046f148f38d0aa32bf73df40db7ae7768.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6372cf21ef88ee60bc2977a4898dcb5c7945a212/satelliteLib-56a425e07376b6977c987d46ef46ba636a6e2036.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
de4de18224e2109f2f8ff4ce9a40cb51c6a36724b2df68e8bd6080b8ee3a02d0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
content-encoding
gzip
last-modified
Wed, 15 May 2019 19:02:35 GMT
server
Apache
etag
"06a88b0424fa26cefa8da4fc4967b294:1557946955"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
19132
expires
Sat, 21 Sep 2019 13:21:56 GMT
Adblocked conde-nast?url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F09%2Fpayment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities%2F
segment-data.zqtk.net
687 B
958 B
Script
General
Full URL
https://segment-data.zqtk.net/conde-nast?url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F09%2Fpayment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities%2F
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.1.241 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-19-1-241.eu-west-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
134c8706deb6e3e51280725a1113f3480353b57ec9495404fa388fc2afc9b0ff
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 12:21:56 GMT
Expires
Sun, 22 Sep 2019 10:01:35 GMT
Last-Modified
Fri, 20 Sep 2019 10:01:35 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
687
Content-Type
application/javascript; charset=UTF-8
Adblocked ixmatch.html
js-sec.indexww.com/um
0
0
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/

Response headers

Server
Apache
Last-Modified
Mon, 19 Jun 2017 19:18:19 GMT
ETag
"e20015-112-55254ff6a1972"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
211
Date
Sat, 21 Sep 2019 12:21:56 GMT
Connection
keep-alive
Adblocked ars-technica.config.js
pixel.condenastdigital.com/config/v2/production
5 KB
2 KB
Script
General
Full URL
https://pixel.condenastdigital.com/config/v2/production/ars-technica.config.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.239 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6a60bfeca1021496ac984a7e6b7f05f9473db17edcccbc91855b302863bab76
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 12:21:56 GMT
Content-Encoding
gzip
Age
237849
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
995
x-amz-id-2
FKPqKuelDY4dA2iUt3IPbIlId3AasfLJAnaOjax11cNTE0E1tyVcJniP6MEmpSTIVc/V8EwsGqk=
X-Served-By
cache-iad2128-IAD, cache-hhn4045-HHN
Access-Control-Allow-Origin
*
Last-Modified
Fri, 12 Apr 2019 14:56:32 GMT
Server
AmazonS3
X-Timer
S1569068517.865002,VS0,VE0
ETag
"1be0f93ab87f7c023eae8fa152ea611f"
Vary
Accept-Encoding
x-amz-request-id
52384B8AC2977F0F
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 15 Aug 2019 00:17:47 GMT
Cache-Control
no-cache, public, max-age=604800
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
1, 1019
Adblocked publishertag.js
static.criteo.net/js/ld
87 KB
27 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183973-1558632223658.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
daebe3af6e4167d9ca052acb19c93ee451816da96cc297f0943210e4a8749f24
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
content-encoding
gzip
last-modified
Fri, 23 Aug 2019 14:10:46 GMT
server
nginx
etag
W/"5d5ff3e6-15cc4"
transfer-encoding
chunked
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sun, 22 Sep 2019 12:21:56 GMT
Adblocked rid?ttd_pid=casale&fmt=json&p=183973
match.adsrvr.org/track
109 B
535 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183973
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183973-1558632223658.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.237.210 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-48-237-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
84d35be300f09f8ded92873c857d461490f94fdc0b62f1d0ad9bde9073699ba9
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Sec-Fetch-Mode
cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 21 Sep 2019 12:21:56 GMT
x-aspnet-version
4.0.30319
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://arstechnica.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Mon, 21 Oct 2019 12:21:56 GMT
ids?ptk=17c1789b-e660-493b-aa74-3c8fb990dc5f&pubid=CONDENAST
mid.rkdms.com
0
0

identity?pid=2&rt=envelope
api.rlcdn.com/api
0
0

Adblocked yi.js?ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHr...
mb.moatads.com
1 KB
2 KB
Script
General
Full URL
https://mb.moatads.com/yi.js?ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F09%2Fpayment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities%2F&confidence=2&pcode=condenastprebidheader987326845656&callback=MoatNadoAllJsonpRequest_90881515
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.191.22 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-130-191-22.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
9f2441ed313f9b75256e54986ce602e0c1baa4727745eb62f2449965dce53a3f
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/09/payment-card-thieves-hack-click2gov-bill-paying-portals-in-8-cities/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Sep 2019 12:21:57 GMT
Server
nginx
Etag
"b926e9e3d00413fdfa0fe6334efc1b1ab4a29bb9"
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=900
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
1527
Adblocked pixel.gif?e=17&t=1569068516916&de=706383347655&d=CONDENAST_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=7392b0f-clean&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTarge...
px.moatads.com
43 B
409 B
Image