urlscan.io logo urlscan.io
SecurityTrails logo

arstechnica.com Open in urlscan Pro
50.31.169.131  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g
Effective URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-us...
Submission: On August 26 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 6 countries across 40 domains to perform 110 HTTP transactions. The main IP is 50.31.169.131, located in Bensenville, United States and belongs to SERVERCENTRAL - Server Central Network, US. The main domain is arstechnica.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 16th 2019. Valid for: 2 years.
This is the only time arstechnica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
8 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
1 4 50.31.169.131 23352 (SERVERCEN...)
9 205.234.175.175 30081 (CACHENETW...)
3 2a00:1450:400... 15169 (GOOGLE)
2 99.86.1.198 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2.18.234.190 16625 (AKAMAI-AS)
2 18.211.127.174 14618 (AMAZON-AES)
1 13.35.254.197 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 91.228.74.225 27281 (QUANTCAST)
1 46.228.164.13 56396 (TURN)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 13.35.253.13 16509 (AMAZON-02)
1 54.200.217.108 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 52.1.219.33 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
17 13.35.254.194 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 92.122.252.200 16625 (AKAMAI-AS)
1 64.202.112.31 22075 (AS-OUTBRAIN)
1 151.101.14.2 54113 (FASTLY)
110 29
3    2a02:26f0:10c:381::3277 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
apple.news
8    2a02:26f0:64:59a::1aca (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
www.apple.com
4    50.31.169.131 (Bensenville, United States)

ASN23352 (SERVERCENTRAL - Server Central Network, US)
PTR: ge-11-2-1.ar10.ord6.us.scnet.net
arstechnica.com
9    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US)
PTR: vip1.G-anycast1.cachefly.net
cdn.arstechnica.net
3    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
adservice.google.de
adservice.google.com
2    99.86.1.198 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-99-86-1-198.fra6.r.cloudfront.net
c.amazon-adsystem.com
1    2606:4700::6813:d983 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.mediavoice.com
1    2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    2.18.234.190 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
2    18.211.127.174 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-211-127-174.compute-1.amazonaws.com
api.cnevids.com
1    13.35.254.197 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-254-197.fra6.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
3    2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    91.228.74.225 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
secure.quantserve.com
1    46.228.164.13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    13.35.253.13 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-13.fra6.r.cloudfront.net
ak.sail-horizon.com
1    54.200.217.108 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-200-217-108.us-west-2.compute.amazonaws.com
a.ad.gt
1    2a02:26f0:6c00:296::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
snap.licdn.com
2    52.1.219.33 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-1-219-33.compute-1.amazonaws.com
www.medtargetsystem.com
1    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ampcid.google.com
1    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ampcid.google.de
1    2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:818::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
17    13.35.254.194 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-254-194.fra6.r.cloudfront.net
dwgyu36up6iuz.cloudfront.net
1    2600:9000:2057:400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
rules.quantcount.com
2    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    92.122.252.200 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a92-122-252-200.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
1    64.202.112.31 (United States)

ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US)
PTR: ny.outbrain.com
log.outbrainimg.com
1    151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
odb.outbrain.com
Apex Domain
Subdomains		 Transfer
18 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
dwgyu36up6iuz.cloudfront.net
237 KB
9 arstechnica.net
cdn.arstechnica.net
653 KB
8 apple.com
www.apple.com
788 KB
4 arstechnica.com
arstechnica.com
18 KB
3 facebook.net
connect.facebook.net
103 KB
3 google-analytics.com
www.google-analytics.com
19 KB
3 outbrain.com
widgets.outbrain.com
odb.outbrain.com
mcdp-chidc2.outbrain.com Failed
45 KB
3 google.com
adservice.google.com
ampcid.google.com
www.google.com
1 KB
3 google.de
adservice.google.de
ampcid.google.de
www.google.de
1 KB
3 apple.news
apple.news
17 KB
2 outbrainimg.com
tcheck.outbrainimg.com
log.outbrainimg.com
images.outbrainimg.com Failed
820 B
2 facebook.com
www.facebook.com
319 B
2 medtargetsystem.com
www.medtargetsystem.com
52 KB
2 cnevids.com
player.cnevids.com Failed
api.cnevids.com
9 KB
2 amazon-adsystem.com
c.amazon-adsystem.com
23 KB
1 quantcount.com
rules.quantcount.com
2 KB
1 licdn.com
snap.licdn.com
5 KB
1 ad.gt
a.ad.gt
2 KB
1 sail-horizon.com
ak.sail-horizon.com
42 KB
1 turn.com
d.turn.com
698 B
1 quantserve.com
secure.quantserve.com
pixel.quantserve.com Failed
6 KB
1 doubleclick.net
securepubads.g.doubleclick.net Failed
stats.g.doubleclick.net
349 B
1 googletagmanager.com
www.googletagmanager.com
65 KB
1 mediavoice.com
cdn.mediavoice.com
2 KB
1 googletagservices.com
www.googletagservices.com
12 KB
0 deepintent.com Failed
match.deepintent.com Failed
0 parsely.com Failed
srv-2019-08-26-12.config.parsely.com Failed
0 tapad.com Failed
pixel.tapad.com Failed
0 scorecardresearch.com Failed
sb.scorecardresearch.com Failed
0 windows.net Failed
optanon.blob.core.windows.net Failed
0 sc-static.net Failed
sc-static.net Failed
0 bounceexchange.com Failed
tag.bounceexchange.com Failed
0 ads-twitter.com Failed
static.ads-twitter.com Failed
0 demdex.net Failed
dpm.demdex.net Failed
0 arsdev.net Failed
cdn.accelerator.arsdev.net Failed
0 skimresources.com Failed
s.skimresources.com Failed
0 adobedtm.com Failed
assets.adobedtm.com Failed
0 actionbutton.co Failed
embed.actionbutton.co Failed
0 moatads.com Failed
z.moatads.com Failed
0 indexww.com Failed
js-sec.indexww.com Failed
110 40
Domain Requested by
17 dwgyu36up6iuz.cloudfront.net arstechnica.com
9 cdn.arstechnica.net arstechnica.com
8 www.apple.com apple.news
4 arstechnica.com 1 redirects apple.news
arstechnica.com
cdn.arstechnica.net
3 connect.facebook.net apple.news
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 apple.news apple.news
2 www.facebook.com arstechnica.com
connect.facebook.net
2 www.medtargetsystem.com apple.news
www.medtargetsystem.com
2 api.cnevids.com cdn.arstechnica.net
2 widgets.outbrain.com cdn.arstechnica.net
widgets.outbrain.com
2 c.amazon-adsystem.com arstechnica.com
c.amazon-adsystem.com
1 odb.outbrain.com widgets.outbrain.com
1 log.outbrainimg.com widgets.outbrain.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 rules.quantcount.com secure.quantserve.com
1 www.google.de arstechnica.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 snap.licdn.com apple.news
1 a.ad.gt www.googletagmanager.com
1 ak.sail-horizon.com www.googletagmanager.com
1 d.turn.com apple.news
1 secure.quantserve.com www.googletagmanager.com
1 d1z2jf7jlzjs58.cloudfront.net arstechnica.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 www.googletagmanager.com arstechnica.com
1 cdn.mediavoice.com arstechnica.com
1 www.googletagservices.com arstechnica.com
0 images.outbrainimg.com Failed arstechnica.com
0 mcdp-chidc2.outbrain.com Failed widgets.outbrain.com
0 pixel.quantserve.com Failed arstechnica.com
0 match.deepintent.com Failed arstechnica.com
0 srv-2019-08-26-12.config.parsely.com Failed d1z2jf7jlzjs58.cloudfront.net
0 pixel.tapad.com Failed arstechnica.com
0 sb.scorecardresearch.com Failed arstechnica.com
0 optanon.blob.core.windows.net Failed www.googletagmanager.com
0 sc-static.net Failed apple.news
0 tag.bounceexchange.com Failed apple.news
0 static.ads-twitter.com Failed www.googletagmanager.com
0 dpm.demdex.net Failed apple.news
0 cdn.accelerator.arsdev.net Failed cdn.arstechnica.net
0 securepubads.g.doubleclick.net Failed www.googletagservices.com
0 s.skimresources.com Failed arstechnica.com
0 player.cnevids.com Failed arstechnica.com
cdn.arstechnica.net
0 assets.adobedtm.com Failed arstechnica.com
0 embed.actionbutton.co Failed arstechnica.com
0 z.moatads.com Failed arstechnica.com
0 js-sec.indexww.com Failed arstechnica.com
110 52
Subject Issuer Validity Valid
c.apple.news
Apple IST CA 2 - G1		 2019-03-08 -
2021-04-06		 2 years crt.sh
www.apple.com
DigiCert SHA2 Extended Validation Server CA		 2019-03-07 -
2020-03-07		 a year crt.sh
*.arstechnica.com
Sectigo RSA Domain Validation Secure Server CA		 2019-01-16 -
2021-01-15		 2 years crt.sh
*.cachefly.net
GlobalSign RSA OV SSL CA 2018		 2019-07-05 -
2019-09-29		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-07-29 -
2019-10-21		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2018-12-18 -
2019-11-21		 a year crt.sh
ssl962336.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-01-25 -
2019-12-11		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-07-29 -
2019-10-21		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-07-29 -
2019-10-21		 3 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2018-12-14 -
2020-03-14		 a year crt.sh
*.cnevids.com
Trusted Secure Certificate Authority 5		 2017-01-10 -
2020-01-10		 3 years crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2018-10-08 -
2019-10-09		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2018-10-16 -
2019-10-21		 a year crt.sh
*.turn.com
DigiCert SHA2 Secure Server CA		 2019-01-25 -
2020-03-31		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-06-06 -
2019-09-04		 3 months crt.sh
ak.sail-horizon.com
Amazon		 2019-03-06 -
2020-04-06		 a year crt.sh
*.ad.gt
Amazon		 2019-07-06 -
2020-08-06		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
medtargetsystem.com
Amazon		 2018-11-23 -
2019-12-23		 a year crt.sh
www.google.de
Google Internet Authority G3		 2019-07-29 -
2019-10-21		 3 months crt.sh
*.outbrainimg.com
DigiCert SHA2 Secure Server CA		 2019-02-24 -
2020-05-25		 a year crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-07-30 -
2020-07-25		 a year crt.sh

This page contains 4 frames:

Primary Page: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Frame ID: 238E386ECCE058CC0484D822773A29E2
Requests: 118 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 779476302E42A63A711DC83E06ADCC40
Requests: 1 HTTP requests in this frame

Frame: https://www.medtargetsystem.com/beacon/portal/?_url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F08%2Fhackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns%2F&_sid=3a251459-9e4f-43b0-9c04-92c4c93a7926&_vid=bc5ff34c-6704-4d33-9857-90f7b5027477&_ak=119-556-B0E9F642&_flash=false&_th=1566823032|1566823032|1
Frame ID: 9FCC9D4B79D5405297AFAF74CE34CA40
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 9B0CD61B20BB175D44040D8FB250E0E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g Page URL
  2. http://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-password... HTTP 301
    https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-password... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

110
Requests

67 %
HTTPS

50 %
IPv6

40
Domains

52
Subdomains

29
IPs

6
Countries

2103 kB
Transfer

3883 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g Page URL
  2. http://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/ HTTP 301
    https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-31997-1&cid=1469180734.1566823033&jid=815463676&gjid=873837804&_gid=908276906.1566823033&_u=aGBAgUAjAAQC~&z=1969821155 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31997-1&cid=1469180734.1566823033&jid=815463676&_v=j79&z=1969821155 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31997-1&cid=1469180734.1566823033&jid=815463676&_v=j79&z=1969821155&slf_rd=1&random=3382385643

110 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
AVX4tJKWnRNyZAxkP-Z7Y3g
apple.news/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:381::3277 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AppleHttpServer/62e237dc531d /
Resource Hash
5a148e4d91ff4d1a1983593c6b96a1c2457dbf65c040e00369b6619b5685b2bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000
X-Xss-Protection 1

Request headers

Host
apple.news
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Server
AppleHttpServer/62e237dc531d
Content-Type
text/html
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000
X-XSS-Protection
1
X-B3-TraceId
feb96107c217be6a
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2087
Cache-Control
public, no-transform, max-age=249
Date
Mon, 26 Aug 2019 12:37:08 GMT
X-Cache
TCP_REFRESH_MISS from a95-100-193-14.deploy.akamaitechnologies.com (AkamaiGHost/9.8.0-26986073) (S)
Connection
keep-alive
X-Cache-Remote
TCP_REFRESH_MISS from a2-16-100-31.deploy.akamaitechnologies.com (AkamaiGHost/9.7.4.0.1-26934805) (S)
fonts
www.apple.com/wss/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Requested by
Host: apple.news
URL: https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:59a::1aca , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
fe08f47d9fdb1cc392d658abae8b50ca9fe1c84a6ab81b86a46c20ae8c85d82c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
date
Mon, 26 Aug 2019 12:37:08 GMT
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=0, no-cache
content-length
916
expires
Mon, 26 Aug 2019 12:37:08 GMT
index.css
apple.news/css/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apple.news/css/index.css
Requested by
Host: apple.news
URL: https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:381::3277 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AppleHttpServer/62e237dc531d /
Resource Hash
aa017f8747b8fbf75e39550f6564f71e856726e3555cd993aa6dcf148c947d47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Fri, 09 Aug 2019 00:00:19 GMT
X-Cache-Remote
TCP_REFRESH_HIT from a2-16-100-31.deploy.akamaitechnologies.com (AkamaiGHost/9.7.4.0.1-26934805) (S)
X-B3-TraceId
e88cc90b0f2d2788
Date
Mon, 26 Aug 2019 12:37:08 GMT
Vary
Accept-Encoding
X-Cache
TCP_REFRESH_HIT from a95-100-193-14.deploy.akamaitechnologies.com (AkamaiGHost/9.8.0-26986073) (S)
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2004
Server
AppleHttpServer/62e237dc531d
Appicon_v6.png
apple.news/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apple.news/images/Appicon_v6.png
Requested by
Host: apple.news
URL: https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:381::3277 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AppleHttpServer/62e237dc531d /
Resource Hash
b29623f7b2ecfc69dc402ccfc1a0c73e1889ffdd4c13840a723fcc02bf550136
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 09 Aug 2019 00:00:19 GMT
X-Cache-Remote
TCP_REFRESH_HIT from a2-16-100-31.deploy.akamaitechnologies.com (AkamaiGHost/9.7.4.0.1-26934805) (S)
X-B3-TraceId
ca51d94751cfacd3
Date
Mon, 26 Aug 2019 12:37:08 GMT
X-Cache
TCP_REFRESH_HIT from a95-100-193-14.deploy.akamaitechnologies.com (AkamaiGHost/9.8.0-26986073) (S)
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11329
Server
AppleHttpServer/62e237dc531d
sf-pro-text_semibold.woff2
www.apple.com/wss/fonts/SF-Pro-Text/v1/ 		166 KB
167 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Text/v1/sf-pro-text_semibold.woff2
Requested by
Host: apple.news
URL: https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:59a::1aca , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache / PHP/5.3.3
Resource Hash
970e676c52b275a819ab9170ec4427370cc6c7033aa2e6b0b9cb71b977b72542
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin
https://apple.news
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
Apache
x-powered-by
PHP/5.3.3
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=27454014
date
Mon, 26 Aug 2019 12:37:08 GMT
content-length
169880
expires
Thu, 09 Jul 2020 06:44:02 GMT
sf-pro-text_regular.woff2
www.apple.com/wss/fonts/SF-Pro-Text/v1/ 		152 KB
152 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Text/v1/sf-pro-text_regular.woff2
Requested by
Host: apple.news
URL: https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:59a::1aca , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache / PHP/5.3.3
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin
https://apple.news
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
Apache
x-powered-by
PHP/5.3.3
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=27454014
date
Mon, 26 Aug 2019 12:37:08 GMT
content-length
155504
expires
Thu, 09 Jul 2020 06:44:02 GMT
SFProIcons_regular.woff
www.apple.com/wss/fonts/SF-Pro-Icons/v1/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Icons/v1/SFProIcons_regular.woff
Requested by
Host: apple.news
URL: https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:59a::1aca , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
3b7d2b4c5417a697678081ed3b344955f0b25e694171178b0c01e029b4a18e8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin
https://apple.news
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
Apache
date
Mon, 26 Aug 2019 12:37:08 GMT
status
200
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=27455940
content-length
10380
expires
Thu, 09 Jul 2020 07:16:08 GMT
sf-pro-display_heavy.woff2
www.apple.com/wss/fonts/SF-Pro-Display/v1/ 		159 KB
159 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Display/v1/sf-pro-display_heavy.woff2
Requested by
Host: apple.news
URL: https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:59a::1aca , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
abe1b56150adaf5a63a856eeb4f9e83fd5ab7f036d2a6bd608ae41f407bc3909
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin
https://apple.news
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
Apache
date
Mon, 26 Aug 2019 12:37:08 GMT
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=27455934
content-length
162416
expires
Thu, 09 Jul 2020 07:16:02 GMT
sf-pro-display_bold.woff2
www.apple.com/wss/fonts/SF-Pro-Display/v1/ 		150 KB
151 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Display/v1/sf-pro-display_bold.woff2
Requested by
Host: apple.news
URL: https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:59a::1aca , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
d373cdc98dd21157916f450a67b90653c4a5333eca71a4c0c2cba47c642ded25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin
https://apple.news
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
Apache
date
Mon, 26 Aug 2019 12:37:08 GMT
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=27455965
content-length
153880
expires
Thu, 09 Jul 2020 07:16:33 GMT
sf-pro-display_regular.woff2
www.apple.com/wss/fonts/SF-Pro-Display/v1/ 		138 KB
139 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Display/v1/sf-pro-display_regular.woff2
Requested by
Host: apple.news
URL: https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:59a::1aca , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache / PHP/5.3.3
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin
https://apple.news
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
Apache
x-powered-by
PHP/5.3.3
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=27454017
date
Mon, 26 Aug 2019 12:37:08 GMT
content-length
141324
expires
Thu, 09 Jul 2020 06:44:05 GMT
SFProIcons_semibold.woff
www.apple.com/wss/fonts/SF-Pro-Icons/v1/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apple.com/wss/fonts/SF-Pro-Icons/v1/SFProIcons_semibold.woff
Requested by
Host: apple.news
URL: https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:59a::1aca , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
41daac81421329b7091d3ea33d91959ee08135224c28f3dcb523341fa2e90393
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin
https://apple.news
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
Apache
date
Mon, 26 Aug 2019 12:37:08 GMT
status
200
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=27455882
content-length
8868
expires
Thu, 09 Jul 2020 07:15:10 GMT
Primary Request /
arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Redirect Chain
  • http://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
  • https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
47 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Requested by
Host: apple.news
URL: https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.31.169.131 Bensenville, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
ge-11-2-1.ar10.ord6.us.scnet.net
Software
nginx /
Resource Hash
756b6d7d4ffd3bdc125c38472c06669f86d3ec8be5fdef674a2e4b57ea4be174
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
arstechnica.com
:scheme
https
:path
/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
server
nginx
date
Mon, 26 Aug 2019 12:37:12 GMT
content-type
text/html; charset=UTF-8
link
<https://arstechnica.com/wp-json/>; rel="https://api.w.org/"
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
x-ars-server
web205
content-encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 26 Aug 2019 12:37:11 GMT
Content-Type
text/html
Content-Length
178
Connection
keep-alive
Location
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
main-da8ee106a4.css
cdn.arstechnica.net/wp-content/themes/ars/assets/css/ 		341 KB
71 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-da8ee106a4.css
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
1a33134313364da630ab0d7c845a2167e97ecda944d688282bb1dd2e2fc152bf

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:37:12 GMT
content-encoding
gzip
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fB.ams1:co:1525808045:cacheN.ams1-01:H
status
200
content-length
72015
x-cf-tsc
1565806685
x-cf2
H
last-modified
Wed, 14 Aug 2019 18:14:26 GMT
server
CFS 0215
x-cff
B
etag
W/"5d544f82-552e7"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
10
accept-ranges
bytes
expires
Mon, 21 Oct 2019 12:37:12 GMT
gpt.js
www.googletagservices.com/tag/js/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
42a1b2424520b2ec7f7638174ed21c49a86aa353f7f51b0f35c8b9d2213595a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"260 / 326 of 1000 / last-modified: 1566588896"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
12352
x-xss-protection
0
expires
Mon, 26 Aug 2019 12:37:12 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.1.198 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-1-198.fra6.r.cloudfront.net
Software
Server /
Resource Hash
781c5596f9a65325ecfa652e4fe12760d429b1cf3070be38eb5d42ce6d83eb6d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 25 Aug 2019 21:32:36 GMT
content-encoding
gzip
server
Server
age
54276
etag
2651fa4bf4c1a481572051f7f35c8f68
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
XLlTI53hxvttxpgWFgD6SPl64GmAEMNO1bQCbbRsrHuB1yfhHh0-lw==
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
183973-1558632223658.js
js-sec.indexww.com/ht/p/ 		0
0
moatheader.js
z.moatads.com/condenastprebidheader987326845656/ 		0
0
ars-technica.min.js
cdn.arstechnica.net/cns/ 		124 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/cns/ars-technica.min.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
4704fca31cd15f83a91c67e58a9acd46cf491d78fb2e2f8a6be760c8ae8cee7f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:37:12 GMT
content-encoding
gzip
x-cf3
M
x-amz-request-id
AF8E2689A2CAEBF5
x-cf1
14961:fB.ams1:co:1565891882:cacheN.ams1-01:H
status
200
x-cache-hits
1
content-length
40704
x-amz-id-2
q0AtTMdtqNrlc4NzqqqpGDhtMvR+f99cqQVy0G7JuIhrUoUmaYeOSbf9leXue/aEoV2Ai8YMpnQ=
x-cf-tsc
1565891884
cf4ttl
120.500
x-cf2
H
last-modified
Wed, 14 Aug 2019 18:21:19 GMT
server
CFS 0215
x-timer
S1565891884.224418,VS0,VE1
x-cff
B
etag
"b8d20846df2b07a8b4072cb23bafe08d"
x-served-by
cache-mdw17351-MDW
vary
Accept-Encoding
x-amz-version-id
bdz._zghS79PEfT1GhkY3IJ8qXL9HWZY
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
1
accept-ranges
bytes
content-type
application/javascript
x-cf-rand
1.472
expires
Mon, 21 Oct 2019 12:37:12 GMT
ars-bcfee6c82a.ads.us.js
arstechnica.com/wp-content/themes/ars/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://arstechnica.com/wp-content/themes/ars/assets/js/ars-bcfee6c82a.ads.us.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.31.169.131 Bensenville, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
ge-11-2-1.ar10.ord6.us.scnet.net
Software
nginx /
Resource Hash
032027ea92b8b014594b64b514f922a12029c27c3dc27e5c11b09eabfaf810c3
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Aug 2019 16:57:07 GMT
server
nginx
etag
W/"5d601ae3-e66"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
strict-transport-security
max-age=300
x-ars-server
web205
x-xss-protection
1; mode=block
hacked_by_xxdigipxx-d4ozzco-640x400.png
cdn.arstechnica.net/wp-content/uploads/2013/05/ 		155 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2013/05/hacked_by_xxdigipxx-d4ozzco-640x400.png
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
2bd0ed1f601395f2c7b777bdc52bba681ab91265df419ad3e841f0e3d8b8af2d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:37:12 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fB.ams1:co:1525808045:cacheN.ams1-01:H
status
200
content-length
158339
x-cf-tsc
1566642723
x-cf2
H
last-modified
Tue, 28 May 2013 19:28:21 GMT
server
CFS 0215
x-cff
B
etag
"51a50555-26a83"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
0
accept-ranges
bytes
x-cf-rand
1.404
expires
Mon, 21 Oct 2019 12:37:12 GMT
CVE-2019-11510_by_Country.png
cdn.arstechnica.net/wp-content/uploads/2019/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2019/08/CVE-2019-11510_by_Country.png
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
52ef850ccc59b0291589524a0d69eb2e561df213979bf544132c92fa8b09b4fd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:37:12 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fB.ams1:co:1525808045:cacheN.ams1-01:H
status
200
content-length
3631
x-cf-tsc
1566775551
x-cf2
H
last-modified
Sat, 24 Aug 2019 17:52:42 GMT
server
CFS 0215
x-cff
B
etag
"5d61796a-e2f"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
0
accept-ranges
bytes
x-cf-rand
1.714
expires
Mon, 21 Oct 2019 12:37:12 GMT
fortigate-exploits-640x193.png
cdn.arstechnica.net/wp-content/uploads/2019/08/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2019/08/fortigate-exploits-640x193.png
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
0a077a3a42d50a3a0f468f91548348a7d45fe106aee74defb2ea1d8d5c670d79

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:37:12 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fB.ams1:co:1525808045:cacheN.ams1-01:H
status
200
content-length
50084
x-cf-tsc
1566782685
x-cf2
H
last-modified
Fri, 23 Aug 2019 21:15:17 GMT
server
CFS 0215
x-cff
B
etag
"5d605765-c3a4"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
43701
accept-ranges
bytes
x-cf-rand
0.398
expires
Mon, 21 Oct 2019 12:37:12 GMT
pulse-secure-exploits-640x149.png
cdn.arstechnica.net/wp-content/uploads/2019/08/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2019/08/pulse-secure-exploits-640x149.png
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
258d8580f268adeed3ae8317bd0dc2cb7702729dcd7529a0bfe3c6989774c93c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:37:12 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fB.ams1:co:1525808045:cacheN.ams1-01:H
status
200
content-length
25972
x-cf-tsc
1566782685
x-cf2
H
last-modified
Fri, 23 Aug 2019 21:24:59 GMT
server
CFS 0215
x-cff
B
etag
"5d6059ab-6574"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
43701
accept-ranges
bytes
x-cf-rand
7.201
expires
Mon, 21 Oct 2019 12:37:12 GMT
main-76b95056cc.js
cdn.arstechnica.net/wp-content/themes/ars/assets/js/ 		650 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-76b95056cc.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
c93eb99f954616977c62d3a21ac7705d3f23af66301d2082460e59d7a04053c4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:37:12 GMT
content-encoding
gzip
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fB.ams1:co:1566221163:cacheN.ams1-01:H
status
200
content-length
216263
x-cf-tsc
1566221177
x-cf2
H
last-modified
Mon, 19 Aug 2019 13:22:54 GMT
server
CFS 0215
x-cff
B
etag
W/"5d5aa2ae-a2617"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
11
accept-ranges
bytes
expires
Mon, 21 Oct 2019 12:37:12 GMT
widget.min.js
embed.actionbutton.co/widget/ 		0
0
satelliteLib-56a425e07376b6977c987d46ef46ba636a6e2036.js
assets.adobedtm.com/6372cf21ef88ee60bc2977a4898dcb5c7945a212/ 		0
0
arstechnica.js
player.cnevids.com/interlude/ 		0
0
conde-asa-polar-master.js
cdn.mediavoice.com/nativeads/script/condenastcorporate/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d983 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
030e91b7512dbb40e9b9057f20bcf54c296a7f28c04bbcde0f2d2706dd2a3a06

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:37:12 GMT
content-encoding
gzip
cf-cache-status
HIT
age
5867
cf-ray
50c5db129bb38cc2-VIE
status
200
cf-ipcountry
DE
x-country
DE
content-length
2018
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
1339013367 1338930445
via
1.1 varnish
cache-control
max-age=21600
accept-ranges
bytes
content-type
text/javascript
100098X1555750.skimlinks.js
s.skimresources.com/js/ 		0
0
gtm.js
www.googletagmanager.com/ 		266 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
29e53c8fbb6d3f11eaad33b4e45fd785d4bfe2e70ce4ea80e0bb5d125a86c24d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:37:12 GMT
content-encoding
br
last-modified
Mon, 26 Aug 2019 12:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
65821
x-xss-protection
0
expires
Mon, 26 Aug 2019 12:37:12 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
476 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=arstechnica.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Aug 2019 12:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
476 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arstechnica.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Aug 2019 12:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
pubads_impl_2019081901.js
securepubads.g.doubleclick.net/gpt/ 		0
0
https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F08%2Fhackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns%2F
cdn.accelerator.arsdev.net/h/ 		0
0
ads.js
arstechnica.com/hotzones/src/ 		0
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://arstechnica.com/hotzones/src/ads.js
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/ars-technica.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.31.169.131 Bensenville, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
ge-11-2-1.ar10.ord6.us.scnet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:37:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 23 Aug 2019 16:55:44 GMT
server
nginx
etag
"5d601a90-0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
content-length
0
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
strict-transport-security
max-age=300
accept-ranges
bytes
x-ars-server
web205
x-xss-protection
1; mode=block
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78c8c364b438f0be81f1c51627902fda95b7aebdd2c04aee28c2f72cd4390207

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		357 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f95836cdd8c1af1d8261e8e198a4c1dd306e2b50ddc389fe820b56212a9cb17d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
economica-bold-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		0
0
economica-regular-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		0
0
truncated
/ 		279 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ecbfb541946a9a9437190a21d98e1c7ab7d863837d7d038a9a1e053c649c8ba

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		400 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f261533d4b74ae931965cf3609bf47bb55001e39eb7029502d96cec73c4749a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		700 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ab499494548829e507e9b6cd57247a6cd565e7f1bc6eb55e3da445af76f1f0c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49282a74c6ced31e99f808232188ade8d82652004df4d664dcdb98c32563dd39

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		841 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
039f13cdf684666dd973e2385f773385adb074039e8a832ec48e1ae35fb20c15

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
Dang.jpg
cdn.arstechnica.net/wp-content/uploads/2018/10/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2018/10/Dang.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:37:12 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fB.ams1:co:1525808045:cacheN.ams1-01:H
status
200
content-length
92486
x-cf-tsc
1566607899
x-cf2
H
last-modified
Mon, 08 Oct 2018 19:35:22 GMT
server
CFS 0215
x-cff
B
etag
"5bbbb17a-16946"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
28773
accept-ranges
bytes
x-cf-rand
4.880
expires
Mon, 21 Oct 2019 12:37:12 GMT
channel-ars-be7bb52ba9.png
cdn.arstechnica.net/wp-content/themes/ars/assets/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/img/channel-ars-be7bb52ba9.png
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
08ed3bf6e73a999bafb422b878fb05b87269b00a65230c9457ce75aee10b873e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-da8ee106a4.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:37:12 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fB.ams1:co:1525808045:cacheN.ams1-01:H
status
200
content-length
4809
x-cf-tsc
1548822260
x-cf2
H
last-modified
Fri, 18 Jan 2019 16:37:54 GMT
server
CFS 0215
x-cff
B
etag
"5c4200e2-12c9"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
19
accept-ranges
bytes
expires
Mon, 21 Oct 2019 12:37:12 GMT
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c7f2558d7005dc61e343b6abb61a63da8ace760a0fdd45cb0cc124b0de5b4c2f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		18 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62c7d2da9a5942053f17c9756e53b7cda414541619bd35c2b1441cd88c77f235

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ec4b6769730ca98db1f40b152c52bd5bec01f61f559fb92709c307750388ac8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
opensans-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		0
0
bitter-italic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		0
0
bitter-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		0
0
opensans-semibold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		0
0
opensans-semibolditalic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		0
0
opensans-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		0
0
bitter-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		0
0
outbrain.js
widgets.outbrain.com/ 		103 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js?_=1566823032726
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-76b95056cc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7fb814cb1e0545a25c9f4bdc9ada88da44ae089ae8c9adfea25c02e725234c1b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 26 Aug 2019 12:37:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Aug 2019 06:05:11 GMT
Server
Apache
ETag
"391a08a23c47387b9d1db97e395d88a5:1566194711"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=14400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
35685
video_groups
api.cnevids.com/v1/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.cnevids.com/v1/video_groups?filters={%22channel_key%22:%22arstechnica%22}&pagesize=20&endpoint=oo.arstechnica
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-76b95056cc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.127.174 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-211-127-174.compute-1.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
d7e58d518f428757df7a7129b3b62a0f6820e5719b065302e1bdc5269c04b778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/*
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Mon, 26 Aug 2019 12:37:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Status
200 OK
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
657
X-XSS-Protection
1; mode=block
X-Request-Id
4e80075f-e1a4-4d59-9c99-5165c6f796b4
X-Runtime
0.001606
X-Backend-Node
10.110.10.11
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.14.1
X-Frame-Options
SAMEORIGIN
ETag
W/"9387250104a34935e7b1d95b7bbd7162"
X-Download-Options
noopen
Vary
Accept-Encoding, Origin
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
max-age=0, private, must-revalidate
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.197 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-197.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
725913eab3460e2955a8ac4ec176f902c7d8d2db60757248b735cbf8698b0749

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 26 Aug 2019 00:42:07 GMT
Content-Encoding
gzip
Age
42910
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Pragma
public
Last-Modified
Fri, 07 Mar 2014 00:45:07 GMT
Server
nginx
ETag
W/"53191693-19c1"
Content-Type
application/x-javascript
Via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
ot3TN1jdgBVgVh1ocy8grGhi5mS6VL8CgE1jffphBUUJ2va2SiY6Ag==
Expires
Tue, 27 Aug 2019 00:42:06 GMT
id
dpm.demdex.net/ 		0
0
analytics.js
www.google-analytics.com/ 		43 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
6816
date
Mon, 26 Aug 2019 10:43:36 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Mon, 26 Aug 2019 12:43:36 GMT
quant.js
secure.quantserve.com/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.225 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 26 Aug 2019 12:37:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26-Aug-2019 12:37:16 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Mon, 02 Sep 2019 12:37:16 GMT
PageName=information%20technology,SiteID=Ars%20Technica,CampaignID=1802C,Channel=website,CreativeID=undefined
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MjExL3QvMA/kv/ 		253 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MjExL3QvMA/kv/PageName=information%20technology,SiteID=Ars%20Technica,CampaignID=1802C,Channel=website,CreativeID=undefined
Requested by
Host: apple.news
URL: https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.228.164.13 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
56d01047823b8e106f4fa063018b1ad9734cfbdd1180ec6b51a7c230e6c143d3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Aug 2019 12:37:17 GMT
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server
Apache-Coyote/1.1
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Content-Length
253
Content-Type
text/javascript;charset=UTF-8
fbevents.js
connect.facebook.net/en_US/ 		88 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: apple.news
URL: https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
23404
x-xss-protection
0
pragma
public
x-fb-debug
IB0V85MdwCdIkCTZ6CtkH6+zlTUNoQh5wy3eE9T/gMVbo+diuEvxz2hHRIczsupm7/ER24Q/vf92p2f1R8aQ8w==
x-fb-trip-id
365799557
x-frame-options
DENY
date
Mon, 26 Aug 2019 12:37:16 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		0
0
spm.v1.min.js
ak.sail-horizon.com/spm/ 		118 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-13.fra6.r.cloudfront.net
Software
Apache /
Resource Hash
41357b19e6561afbd7277a1bade976601b01f7784061adf690b8a7fd59247268

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:36:44 GMT
content-encoding
gzip
last-modified
Thu, 15 Aug 2019 20:24:26 GMT
server
Apache
age
35
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=600; must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
43067
via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
x-amz-cf-id
OqkPehxq3P7onW857TevVrznfwMvbS4osyr74SZpYuw-ATRKdmauVw==
i.js
tag.bounceexchange.com/2806/ 		0
0
57
a.ad.gt/api/v1/u/matches/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/57
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.200.217.108 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-200-217-108.us-west-2.compute.amazonaws.com
Software
nginx/1.8.1 /
Resource Hash
add1b20293d474cec83aa35548d37c08389d287e46dc16ac36876f0e57c9c79a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 26 Aug 2019 12:37:21 GMT
Content-Encoding
gzip
Server
nginx/1.8.1
Connection
keep-alive
Content-Length
1245
Content-Type
text/html; charset=utf-8
insight.min.js
snap.licdn.com/li.lms-analytics/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: apple.news
URL: https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 26 Aug 2019 12:37:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 23:03:30 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=19015
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4571
beacon.js
www.medtargetsystem.com/javascript/ 		176 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.medtargetsystem.com/javascript/beacon.js?v2.5.12
Requested by
Host: apple.news
URL: https://apple.news/AVX4tJKWnRNyZAxkP-Z7Y3g
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.219.33 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-219-33.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
ca7b4ec24908919f739fa9232488be0da7d4a4a6868d7e5472f5b9ae148fc83c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 26 Aug 2019 12:37:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Aug 2019 18:28:39 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"2c161-5902c0ae083c0-gzip"
Vary
X-Forwarded-Proto,Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52880
scevent.min.js
sc-static.net/ 		0
0
c941cf3b-dfcd-475f-90e4-e7f422fc89dd.js
optanon.blob.core.windows.net/consent/ 		0
0
b
sb.scorecardresearch.com/ 		0
0
receive
pixel.tapad.com/idsync/ex/ 		0
0
receive
pixel.tapad.com/idsync/ex/ 		0
0
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1010 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:13:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
1450
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
856
x-xss-protection
0
expires
Mon, 26 Aug 2019 13:13:02 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Aug 2019 12:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://arstechnica.com
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
publisher:getClientId
ampcid.google.de/v1/ 		3 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Aug 2019 12:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://arstechnica.com
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
242 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 26 Aug 2019 12:37:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-31997-1&cid=1469180734.1566823033&jid=815463676&gjid=873837804&_gid=908276906.1566823033&_u=aGBAgUAjAAQC~&z=1969821155
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31997-1&cid=1469180734.1566823033&jid=815463676&_v=j79&z=1969821155
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31997-1&cid=1469180734.1566823033&jid=815463676&_v=j79&z=1969821155&slf_rd=1&random=3382385643
42 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31997-1&cid=1469180734.1566823033&jid=815463676&_v=j79&z=1969821155&slf_rd=1&random=3382385643
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Aug 2019 12:37:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Aug 2019 12:37:32 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31997-1&cid=1469180734.1566823033&jid=815463676&_v=j79&z=1969821155&slf_rd=1&random=3382385643
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.1.198 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-1-198.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e

Request headers

Sec-Fetch-Mode
cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 25 Aug 2019 21:52:36 GMT
content-encoding
gzip
vary
Origin
age
53082
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Fri, 24 Aug 2018 07:13:51 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
bkKUp84PeqOFO0ro1R2yo7Ehw-VtBlaPECIbpRGw-H3Hek7ntj2nSw==
5b27ee7e8c1abc4e7900000f
api.cnevids.com/v1/video_groups/ 		40 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.cnevids.com/v1/video_groups/5b27ee7e8c1abc4e7900000f?endpoint=oo.arstechnica
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-76b95056cc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.127.174 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-211-127-174.compute-1.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
95a3b30a7fc60f195d30ee0470036c446b458de3ade45a82813e277b7b0ffba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/*
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Mon, 26 Aug 2019 12:37:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Status
200 OK
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
6864
X-XSS-Protection
1; mode=block
X-Request-Id
7df657cd-49f3-45cd-931d-7826bd0d8668
X-Runtime
0.002859
X-Backend-Node
10.110.44.187
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.14.1
X-Frame-Options
SAMEORIGIN
ETag
W/"b768b09791c8a1e12ccfe0cab7bf48b3"
X-Download-Options
noopen
Vary
Accept-Encoding, Origin
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
max-age=0, private, must-revalidate
5d2c7e3634e7940316f772f2.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady45224746
player.cnevids.com/script/video/ 		0
0
arstechnica_dead-cells-how-to-avoid-falling-to-your-death-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1563202921/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1563202921/arstechnica_dead-cells-how-to-avoid-falling-to-your-death-war-stories.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
5f760e6eaa1fd8e199a7135ae74692369612ff5de37b99eb63bcb8ee7d615568

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 18 Aug 2019 15:17:03 GMT
Via
1.1 varnish, 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Age
681859
Edge-Cache-Tag
512786565011436188602690990842551442357,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
16016
X-Request-Id
558da5101eeb1f1f
X-Served-By
cache-fra19150-FRA
X-Cloud-Name
heru80fdn
Last-Modified
Fri, 19 Jul 2019 15:13:07 GMT
Server
cloudinary
X-Timer
S1563549194.385414,VS0,VE180
ETag
"4dba8e36b73a44cca8375175ae0e4b39"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With,Range,User-Agent
X-Amz-Cf-Id
NusclBrsA6ue4PvBTChhCB5_ovJ65Oqcc3V8EjjPBVLGl0IgRGR6Og==
X-Cache-Hits
0
arstechnica_warframe-reviews.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1561556730/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1561556730/arstechnica_warframe-reviews.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
83a366075eb2387c6d9f848f42b08df0546027333eccf5813edf95ba45709be2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 27 Jun 2019 19:35:11 GMT
Via
1.1 varnish, 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Age
2566840
Edge-Cache-Tag
409825722100045817936218917770258862228,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
14837
X-Request-Id
b6ad3868f2bf03bf
X-Served-By
cache-hhn4083-HHN
X-Cloud-Name
heru80fdn
Last-Modified
Thu, 27 Jun 2019 19:34:59 GMT
Server
cloudinary
X-Timer
S1561664111.929725,VS0,VE147
ETag
"1d90d6aef7585f963e1270a1a02a4dd4"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With,Range,User-Agent
X-Amz-Cf-Id
P5Ylxng4fmFE59gfUnsnr6M7IH6Q4PiCqHFQkrCSXXTUe3zrxBnlHA==
X-Cache-Hits
0
arstechnica_war-stories-subnautica.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1559747425/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1559747425/arstechnica_war-stories-subnautica.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
20660a9ef7ec454c15b2dc62b3db084e0cc9f74c5bb6de71a96fb1a54aef00f8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 19:29:26 GMT
Via
1.1 varnish, 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Age
1269798
Edge-Cache-Tag
384957005148579205807938476483146982592,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
15222
X-Request-Id
0958d581a409116b
X-Served-By
cache-fra19136-FRA
Server
cloudinary
X-Timer
S1559756401.882584,VS0,VE537
ETag
"8c45b6c645caba59f4b14d3fbdc09062"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With,Range,User-Agent
X-Amz-Cf-Id
vhd9wztTjqY8wxdxwgl1HC-uJ2p8aGyYrnidvK20_CDfJmZCuUdfhQ==
X-Cache-Hits
0
arstechnica_this-war-of-mine-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1559075831/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1559075831/arstechnica_this-war-of-mine-war-stories.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
ec84902ae04cc118d965c577e2ece816abd594431ce66bcef1afd4f745e951fd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 19:34:00 GMT
Via
1.1 varnish, 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Age
925427
Edge-Cache-Tag
580474366038461196493179311799260666459,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
15985
X-Request-Id
c8c7238dbb15b70b
X-Served-By
cache-hhn1542-HHN
Last-Modified
Mon, 03 Jun 2019 18:11:08 GMT
Server
cloudinary
X-Timer
S1559585468.501454,VS0,VE505
ETag
"42bc7816573b81a73647b6f7123944c5"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With,Range,User-Agent
X-Amz-Cf-Id
AypqRSlLR3Cpmq2x3ACdeGgCgqFdBMOEXsRJuuZleGacO7YY91dOOg==
X-Cache-Hits
0
arstechnica_obra-dinn-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1558373184/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1558373184/arstechnica_obra-dinn-war-stories.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
8574074952616e0a56e5b72d9634bff0a683d658d09804c10324293811606d22

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 15:23:41 GMT
Via
1.1 varnish, 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Age
940489
Edge-Cache-Tag
433557846635605494688582207268998106147,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
15609
X-Request-Id
c8a15984885b6e84
X-Served-By
cache-fra19142-FRA
X-Cloud-Name
heru80fdn
Last-Modified
Tue, 28 May 2019 17:36:10 GMT
Server
cloudinary
X-Timer
S1559065035.044774,VS0,VE231
ETag
"8becb0d5f4f7ff3e76e89c89871f465d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With,Range,User-Agent
X-Amz-Cf-Id
-gz8aloZ8CDbgUFL84FtvDHz5pwSA02FqZiViaiIcVeriOTc3LX9ww==
X-Cache-Hits
0
arstechnica_army-s-new-pistol-has-had-some-misfires.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1556912500/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1556912500/arstechnica_army-s-new-pistol-has-had-some-misfires.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
a91d62b47f02a7e638d1749e3791ac328b2dd89dac630578f76e65b1ed91ed89

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 17 Aug 2019 00:26:45 GMT
Via
1.1 varnish, 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Age
821510
Edge-Cache-Tag
575077299308468417590234438077035908298,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
7863
X-Request-Id
19c9873a9e40bdc6
X-Served-By
cache-hhn1537-HHN
X-Cloud-Name
heru80fdn
Last-Modified
Mon, 13 May 2019 19:11:27 GMT
Server
cloudinary
X-Timer
S1559434184.442899,VS0,VE232
ETag
"31902de995c98904a55c605571f06530"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With,Range,User-Agent
X-Amz-Cf-Id
3tQlp-FJsK-VskZ5NjPSECgCFUvbJzXPPZJ3v2iSiRbvI7oOsBPKaw==
X-Cache-Hits
0
arstechnica_war-stories-slay-the-spire-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1556741487/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1556741487/arstechnica_war-stories-slay-the-spire-war-stories.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
f9d9e96c4439beeca49a1a10f9dffe6f5cd0b604d13aa13af170d0bc62d8ca1b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 26 Aug 2019 12:10:14 GMT
Via
1.1 varnish, 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Age
20677
Edge-Cache-Tag
515397136805965062020045600075132664421,404749671192515790889513374839386840902,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
15634
X-Request-Id
2d0da7ec326501f4
X-Served-By
cache-fra19145-FRA
X-Cloud-Name
heru80fdn
Last-Modified
Thu, 02 May 2019 18:45:52 GMT
Server
cloudinary
X-Timer
S1559088335.611581,VS0,VE1
ETag
"abee90e53f29ba0127fca9442ab50902"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With,Range,User-Agent
X-Amz-Cf-Id
mEdCN_zgao9-CpRa4pH_u0su8zZccJuI2_RKaM5aIsTyACtGQ0rohw==
X-Cache-Hits
1
arstechnica_war-stories-amnesia-the-dark-descent-the-horror-facade.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1555359865/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1555359865/arstechnica_war-stories-amnesia-the-dark-descent-the-horror-facade.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
1defb6bc54a7ee9c066136908360e8455c23ee9ad0dec9924e7255d7948cd4be

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 16 Aug 2019 19:03:55 GMT
Via
1.1 varnish, 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Age
840871
Edge-Cache-Tag
587193118310891607619753694455047488726,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
15251
X-Request-Id
4a753e904b5f7094
X-Served-By
cache-hhn1539-HHN
X-Cloud-Name
heru80fdn
Last-Modified
Tue, 16 Apr 2019 18:59:19 GMT
Server
cloudinary
X-Timer
S1558397317.096357,VS0,VE232
ETag
"3e7cdc13e718680bf5e1efa64468b560"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With,Range,User-Agent
X-Amz-Cf-Id
JzH1ym9e0N_dWnA3PLy1JkNyBD6NvHgiaKlRcuQOZQcksEG0IQGrmQ==
X-Cache-Hits
0
arstechnica_war-stories-c-and-c-tiberian-sun.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1551193450/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1551193450/arstechnica_war-stories-c-and-c-tiberian-sun.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
27348ba4b98bd80f1038496ec5dea6ad865680540058fb085b8ca199b8aaf4c5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 00:09:30 GMT
Via
1.1 varnish, 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Age
1756839
Edge-Cache-Tag
313687566273846460968749706722669918033,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
19022
X-Request-Id
2200c349462f9c83
X-Served-By
cache-hhn1528-HHN
X-Cloud-Name
heru80fdn
Last-Modified
Wed, 27 Feb 2019 16:48:24 GMT
Server
cloudinary
X-Timer
S1559006978.808642,VS0,VE226
ETag
"fe52b9acd391d8bee8de15a0f429b377"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With,Range,User-Agent
X-Amz-Cf-Id
-Rt1SB8cdNPSPRqbz6AsH1N82yYaVNBcYfFfxtWGbcAF8gAjAJ9BkQ==
X-Cache-Hits
0
arstechnica_army-s-next-vertical-lift-en-route.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550680609/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550680609/arstechnica_army-s-next-vertical-lift-en-route.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
4868ca91bcd0d492c501ec5b8d44ac78d3e1226977ae14ff598f5efe78751951

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 04:46:11 GMT
Via
1.1 varnish, 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Age
287941
Edge-Cache-Tag
312535560964408758261298476626669868625,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
4867
X-Request-Id
e3f346bec24d7ff3
X-Served-By
cache-hhn1532-HHN
X-Cloud-Name
heru80fdn
Last-Modified
Thu, 21 Feb 2019 15:50:43 GMT
Server
cloudinary
X-Timer
S1559089107.834583,VS0,VE286
ETag
"90ad4d692f7209c01596b99729f26e7b"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With,Range,User-Agent
X-Amz-Cf-Id
UQvdrJhkcJMZHNJJCOzly3QGLjkp4Vl5nfmkVZkrOR_y4wLVK84wzg==
X-Cache-Hits
0
arstechnica_war-stories-blade-runner-skinjobs-voxels-and-future-noir.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550244434/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550244434/arstechnica_war-stories-blade-runner-skinjobs-voxels-and-future-noir.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
8b72952d3fd656ee6594f0d9735d928113ad1d590705b14f77abf75f1d4d5d69

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 May 2019 00:11:29 GMT
Via
1.1 varnish, 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Age
2550152
Edge-Cache-Tag
292757494989914907279105994976263969890,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
18172
X-Request-Id
c3e7d96bbe014b80
X-Served-By
cache-hhn1535-HHN
X-Cloud-Name
heru80fdn
Last-Modified
Fri, 15 Feb 2019 15:34:33 GMT
Server
cloudinary
X-Timer
S1559088690.594713,VS0,VE388
ETag
"32f1b8954559c8d598e9861f5b8360b9"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With,Range,User-Agent
X-Amz-Cf-Id
N8FG7PfmSSX0lQJ6GSE-ZFn3d7BCf3cZayB9lNF9GjV5LFzJZOy27A==
X-Cache-Hits
0
arstechnica_war-stories-dead-space-the-drag-tentacle.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1546889545/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1546889545/arstechnica_war-stories-dead-space-the-drag-tentacle.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
9933997608e86beaf1e7f7188a5c657cdad8ccd9d20eb7b1a46adaa83fa850ab

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 16:53:27 GMT
Via
1.1 varnish, 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Age
2253203
Edge-Cache-Tag
561334743792169660751574031162860899763,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
7393
X-Served-By
cache-hhn1525-HHN
Last-Modified
Tue, 08 Jan 2019 16:38:58 GMT
Server
cloudinary
X-Timer
S1559434743.785754,VS0,VE1
ETag
"17a6e4b5eb75eb12f5d8c89eb3d0ace8"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With,Range,User-Agent
X-Amz-Cf-Id
25M5EMMJzPOlSGaMWnrs2KjNRhnBr-eRa9Ziu8Hys-k20pDRG69N5w==
X-Cache-Hits
1
arstechnica_teach-the-controversy-flat-earthers.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1541592304/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1541592304/arstechnica_teach-the-controversy-flat-earthers.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
7364fcbb6c5d775f07816712af8a6419db99268f72c337a4977f706dc3423bb3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 19 Aug 2019 00:13:58 GMT
Via
1.1 varnish, 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Age
649415
Edge-Cache-Tag
522150850958368321191235208678465217967,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
10595
X-Request-Id
98a54be49b866b53
X-Served-By
cache-hhn1521-HHN
X-Cloud-Name
heru80fdn
Last-Modified
Fri, 09 Nov 2018 14:44:53 GMT
Server
cloudinary
X-Timer
S1559436315.461747,VS0,VE1
ETag
"6c0c4f8a9d61ed2b5863a8058c624a37"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With,Range,User-Agent
X-Amz-Cf-Id
NhzDDlbuixf7U8_vtZblc-wjvOc4XVmk0w9JJzNcruf5iFmgSd6IQA==
X-Cache-Hits
2
arstechnica_delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-get-s-a-crucial-green-light.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1537406983/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1537406983/arstechnica_delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-get-s-a-crucial-green-light.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
16f86804dd013db340fee4020a539d3e9d6e5a03d6841e431e50c428e99c26e8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 03:24:49 GMT
Via
1.1 varnish, 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Age
1319172
Edge-Cache-Tag
389498626973997838808844380914497340413,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
12509
X-Request-Id
ec5f066ff382a9d5
X-Served-By
cache-fra19162-FRA
X-Cloud-Name
heru80fdn
Last-Modified
Fri, 21 Sep 2018 16:51:30 GMT
Server
cloudinary
X-Timer
S1559434364.715908,VS0,VE304
ETag
"b9c502ffc902b60d0eb13698b37a945d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With,Range,User-Agent
X-Amz-Cf-Id
zcT4HVGN_8SUAEYkVeZixpfpTMFg4alYE1xCW5MuMn22v0ZGQWmBog==
X-Cache-Hits
0
arstechnica_chris-hadfield-explains-his-space-oddity-video.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1522031130/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1522031130/arstechnica_chris-hadfield-explains-his-space-oddity-video.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
3ce7e824185893264ab44fbf8370a8f1262831c4c6c367b15f7d4f1e88fadc8c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 May 2019 18:19:04 GMT
Via
1.1 varnish, 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Age
3297251
Edge-Cache-Tag
294316597633303263276952824544497226127,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
7181
X-Served-By
cache-fra19129-FRA
Last-Modified
Fri, 06 Jul 2018 12:23:22 GMT
Server
cloudinary
X-Timer
S1558376344.111767,VS0,VE1
ETag
"0549828edcecd339d8d10ebe6119de70"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With,Range,User-Agent
X-Amz-Cf-Id
Q4kMHoVIAIhE0F3mRzlj_f27HALEfgtQf7NEzHo-5jXe_TKIHLVt9Q==
X-Cache-Hits
1
arstechnica_apollo-mission-episode-1.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1512424612/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1512424612/arstechnica_apollo-mission-episode-1.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
82cd1a97f81e5b63a621311be2993916eea0907b5eadd53bb6b280f4bb0f8391

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 17 Aug 2019 00:25:09 GMT
Via
1.1 varnish, 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Age
821844
Edge-Cache-Tag
424632948265147424317824738369264083785,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
14040
X-Request-Id
37d0301184b1a283
X-Served-By
cache-hhn1547-HHN
X-Cloud-Name
heru80fdn
Last-Modified
Tue, 05 Dec 2017 01:52:25 GMT
Server
cloudinary
X-Timer
S1559089275.724502,VS0,VE297
ETag
"ecc047c6eed3dc571a78eab647201220"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With,Range,User-Agent
X-Amz-Cf-Id
vQdeZF_ehH4iT_NEj_F_KzmwPLV7QZjo22jiriBEEl9lCt-jNc6PRg==
X-Cache-Hits
0
arstechnica_richard-garriot-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1513807048/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1513807048/arstechnica_richard-garriot-war-stories.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
4980853759711c8e9e2779239acd62e9e802fba38371763c65ecdd016a83fdbd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 21 May 2019 00:22:17 GMT
Via
1.1 varnish, 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Age
2718862
Edge-Cache-Tag
489732375708630852448407029403767769375,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
13885
X-Request-Id
50cb21064027ad75
X-Served-By
cache-hhn1541-HHN
X-Cloud-Name
heru80fdn
Last-Modified
Fri, 06 Jul 2018 19:56:42 GMT
Server
cloudinary
X-Timer
S1558398138.789238,VS0,VE1
ETag
"13d45a1733ad4d2f3ae707584d6a8a32"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With,Range,User-Agent
X-Amz-Cf-Id
mzwPYiliR-gQ1d1XlPDIht5zx5gzZASLLGYMaBmVYDRrybSOlHki7g==
X-Cache-Hits
1
truncated
/ 		408 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c21029f21dc145723d40362da85504ee5a5bd33f5db6636beae3a01c7aba1fa2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
arstechnica.com
srv-2019-08-26-12.config.parsely.com/config/ 		0
0
rules-p-Jjy-Cyr1NZGRz.js
rules.quantcount.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Jjy-Cyr1NZGRz.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efdbd8582066a12cf45115f1e150d2a8de06bf6b14db3feca98b116efeb9e0bb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:32:05 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:18:17 GMT
server
AmazonS3
age
847
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
Ta4xwEzUVeJmG5h4c7EsCYIlPbr2i8KXLJSMg7Hify9ResnFCrwyyQ==
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
228464857488266
connect.facebook.net/signals/config/ 		308 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/228464857488266?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
69932e401ffd71025f7e4bd320ea4ade764c87a91c5acd9114e69d2aaaa19615
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
79815
x-xss-protection
0
pragma
public
x-fb-debug
5Fe/Un6VCuKtofdTSP+RWCzAtQnBvAVb+g7Gw4HpCKIYR5i+aW0gWcueeXjbfac3chp8LLXcirAagKbV13sDMA==
x-fb-trip-id
365799557
x-frame-options
DENY
date
Mon, 26 Aug 2019 12:37:16 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/ 		1 KB
898 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
LGw24f3MMs8sM8OL5Ce17uyAZ09XcL8IwWIgmmqH8Yljwo0kCvHXi1d5+E2FN+LE09ZFWFf3icMgLCB83vTWZw==
x-fb-trip-id
365799557
x-frame-options
DENY
date
Mon, 26 Aug 2019 12:37:16 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=228464857488266&ev=PageView&dl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F08%2Fhackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns%2F&rl=&if=false&ts=1566823036828&cd[SiteSection]=information%20technology&cd[PageTags]=exploits%7Cfortigate%7Cpulse%20secure%7Cvirtual%20private%20networks%7Cvpns%7Cvulnerabilities&cd[Brand]=Pitchfork&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1566823036827.763864460&it=1566823036792&coo=false&rqm=GET
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:37:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 26 Aug 2019 12:37:32 GMT
/
www.facebook.com/tr/ Frame 7794 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
2525
pragma
no-cache
cache-control
no-cache
origin
https://arstechnica.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
accept-encoding
gzip, deflate, br
Origin
https://arstechnica.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://arstechnica.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
date
Mon, 26 Aug 2019 12:37:17 GMT
YXJzdGVjaG5pY2EuY29t
tcheck.outbrainimg.com/tcheck/check/ 		16 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/YXJzdGVjaG5pY2EuY29t
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?_=1566823032726
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.252.200 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a92-122-252-200.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Sec-Fetch-Mode
cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=6660
Date
Mon, 26 Aug 2019 12:37:20 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
false
Content-Length
16
Expires
Mon, 26 Aug 2019 14:28:20 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1566823040562&sessionId=8a918c4a-8801-56e0-95fd-07c4d54f1f7d&url=arstechnica.com&cheqSource=1&cheqEvent=0&exitReason=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?_=1566823032726
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Sec-Fetch-Mode
cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Aug 2019 12:37:28 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
X-TraceId
5729e7f57f5d827526515ba4bc9d9eb9
Content-Length
4
Expires
0
get
odb.outbrain.com/utils/ 		16 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=http%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F08%2Fhackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns%2F&srcUrl=http%3A%2F%2Ffeeds.arstechnica.com%2Farstechnica%2Findex%2F&settings=true&recs=true&widgetJSId=JS_1&key=NANOWDGT01&idx=0&version=01021008&apv=false&sig=8Bmb6tvm&format=vjapi&rand=91993&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&adblck=false&secured=true&va=true&cmpStat=0&ref=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?_=1566823032726
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
8eeebe9ec0ebf438041b7f26aa66336f7349ffd297ece3c1d515f1a62e2eea9e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=0; includeSubDomains;
content-encoding
gzip
traffic-path
CHIDC2, MDW, FRA, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status
200
x-cache-hits
0, 0
x-traceid
d02ac970dbb6213eee18ff2ff3d8ab5f
content-length
8833
x-served-by
cache-mdw17377-MDW, cache-fra19147-FRA
pragma
no-cache
x-timer
S1566823058.849820,VS0,VE186
date
Mon, 26 Aug 2019 12:37:38 GMT
vary
Accept-Encoding, User-Agent
content-type
text/x-json; charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
backend-ip
157.52.75.77
accept-ranges
bytes, bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
Cookie set /
www.medtargetsystem.com/beacon/portal/ Frame 9FCC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.medtargetsystem.com/beacon/portal/?_url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F08%2Fhackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns%2F&_sid=3a251459-9e4f-43b0-9c04-92c4c93a7926&_vid=bc5ff34c-6704-4d33-9857-90f7b5027477&_ak=119-556-B0E9F642&_flash=false&_th=1566823032|1566823032|1
Requested by
Host: www.medtargetsystem.com
URL: https://www.medtargetsystem.com/javascript/beacon.js?v2.5.12
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.219.33 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-219-33.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) / PHP/7.0.19-1+deb.sury.org~trusty+2
Resource Hash

Request headers

Host
www.medtargetsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 26 Aug 2019 12:37:25 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma
no-cache
Server
Apache/2.4.7 (Ubuntu)
Set-Cookie
DMDSESSID=6m2t82dcl3dm98ch87kklcr3m1; path=/; HttpOnly
Vary
X-Forwarded-Proto,Accept-Encoding
X-Powered-By
PHP/7.0.19-1+deb.sury.org~trusty+2
Content-Length
6989
Connection
keep-alive
store
match.deepintent.com/usersync/114/ 		0
0
pixel;r=781377042;labels=Culture.Ars%20Technica.information%20technology.;rf=0;a=p-Jjy-Cyr1NZGRz;url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F08%2Fhackers-are-actively-trying...
pixel.quantserve.com/ 		0
0
Cookie set obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 9B0C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?_=1566823032726
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
widgets.outbrain.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/
Accept-Encoding
gzip, deflate, br
Cookie
recs_94b2b766aa1e7f51fe198bbbbddb5a80=0B2013685717A2276237707A2305541282A2199008569A2202369066A1925901673ACD1; obuid=2e520cfe-1ada-4455-9f00-90c7fb167b15
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://arstechnica.com/information-technology/2019/08/hackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns/

Response headers

Server
Apache
ETag
"acece0f0b3969cc3352833e939d8244b:1566393136"
Last-Modified
Wed, 21 Aug 2019 13:10:09 GMT
Accept-Ranges
bytes
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=604800
Date
Mon, 26 Aug 2019 12:37:38 GMT
Content-Length
3661
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
Set-Cookie
akacd_widgets_stg=3744275857~rv=72~id=73f1fcf04f6b59a657979e063e43376d; path=/;
l
mcdp-chidc2.outbrain.com/ 		0
0
eyJpdSI6IjlhOWUwMDAwYjBmMmFjNGNiOTY2NjI1NTczNDhjYjRiMzA1NTNiYTkyZDY3NjM4MTdiZTc4YzAyZDVkZTc0YjMiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		0
0
eyJpdSI6IjdlYmM2ZmQxZWYxYTc5M2QxNGJhODkyNTkxMjNjNTliNDk2NmZjM2YxNzY4NDk2MTYwZDkxYTBlMmM3ZGRlZjMiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		0
0
eyJpdSI6IjFkOGFhYmE2ZTRmZjIyODNhYjM2YjVlNjBjMjNmYjU0ODVmYTY4N2ZlNGQxZTE5NGFiZTkxYmMzZjRiZGEzMmUiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		0
0
eyJpdSI6IjI0MzdmMDM1MDQzMTU3NDkwY2NlZmQyMzkzYjVlMDUxNzNjMWU5MjkwZDQzNzM2ZWY3NWE3OWQwM2Q1NTRkZjQiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		0
0
eyJpdSI6IjA0NzhjMzQyZWJhMzZkM2U2ZDEwMjliZTM3ODg1ZTJmNGFhZGRjMDliYjI3Yzc3YjEzNDM4Yjg4ODNmNjIwNmQiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		0
0
eyJpdSI6ImUxMzU3NTk5MDg5NWJkMzU4MGVjZjU4ZTkyZDBkZjU4YWM3YTA2YWU2MWI5ODZhOTYwYTM3YmRlNzc3ZDhjODciLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
js-sec.indexww.com
URL
https://js-sec.indexww.com/ht/p/183973-1558632223658.js
Domain
z.moatads.com
URL
https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Domain
embed.actionbutton.co
URL
https://embed.actionbutton.co/widget/widget.min.js
Domain
assets.adobedtm.com
URL
https://assets.adobedtm.com/6372cf21ef88ee60bc2977a4898dcb5c7945a212/satelliteLib-56a425e07376b6977c987d46ef46ba636a6e2036.js
Domain
player.cnevids.com
URL
https://player.cnevids.com/interlude/arstechnica.js
Domain
s.skimresources.com
URL
https://s.skimresources.com/js/100098X1555750.skimlinks.js
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019081901.js?21064492
Domain
cdn.accelerator.arsdev.net
URL
https://cdn.accelerator.arsdev.net/h/https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F08%2Fhackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns%2F
Domain
cdn.arstechnica.net
URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-bold-otf-webfont.woff2
Domain
cdn.arstechnica.net
URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-regular-otf-webfont.woff2
Domain
cdn.arstechnica.net
URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-regular-webfont.woff2
Domain
cdn.arstechnica.net
URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-italic-webfont.woff2
Domain
cdn.arstechnica.net
URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-regular-webfont.woff2
Domain
cdn.arstechnica.net
URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibold-webfont.woff2
Domain
cdn.arstechnica.net
URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibolditalic-webfont.woff2
Domain
cdn.arstechnica.net
URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-bold-webfont.woff2
Domain
cdn.arstechnica.net
URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-bold-webfont.woff2
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F7093025512D2B690A490D44%40AdobeOrg&d_nsid=0&ts=1566823032814
Domain
static.ads-twitter.com
URL
https://static.ads-twitter.com/uwt.js
Domain
tag.bounceexchange.com
URL
https://tag.bounceexchange.com/2806/i.js
Domain
sc-static.net
URL
https://sc-static.net/scevent.min.js
Domain
optanon.blob.core.windows.net
URL
https://optanon.blob.core.windows.net/consent/c941cf3b-dfcd-475f-90e4-e7f422fc89dd.js
Domain
sb.scorecardresearch.com
URL
https://sb.scorecardresearch.com/b?c1=2&c2=6035094&ns__t=1566823032830&ns_c=UTF-8&c8=Hackers%20are%20actively%20trying%20to%20steal%20passwords%20from%20two%20widely%20used%20VPNs%20%7C%20Ars%20Technica&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F08%2Fhackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns%2F&c9=
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=undefined
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=648&partner_device_id=undefined
Domain
player.cnevids.com
URL
https://player.cnevids.com/script/video/5d2c7e3634e7940316f772f2.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady45224746
Domain
srv-2019-08-26-12.config.parsely.com
URL
https://srv-2019-08-26-12.config.parsely.com/config/arstechnica.com
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/114/store?id=UNK&ext1=3a251459-9e4f-43b0-9c04-92c4c93a7926
Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel;r=781377042;labels=Culture.Ars%20Technica.information%20technology.;rf=0;a=p-Jjy-Cyr1NZGRz;url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F08%2Fhackers-are-actively-trying-to-steal-passwords-from-two-widely-used-vpns%2F;fpan=1;fpa=P0-987265348-1566823052076;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1566823052076;tzo=-120;ogl=site_name.Ars%20Technica%2Curl.https%3A%2F%2Farstechnica%252Ecom%2Finformation-technology%2F2019%2F08%2Fhackers-are-actively-tryi%2Ctitle.Hackers%20are%20actively%20trying%20to%20steal%20passwords%20from%20two%20widely%20used%20VPNs%2Cimage.https%3A%2F%2Fcdn%252Earstechnica%252Enet%2Fwp-content%2Fuploads%2F2013%2F05%2Fhacked_by_xxdigipxx-d4ozz%2Cdescription.Got%20Fortigate%20or%20Pulse%20Secure%3F%20Now%20would%20be%20a%20good%20time%20to%20make%20sure%20they're%20pat%2Ctype.article
Domain
mcdp-chidc2.outbrain.com
URL
https://mcdp-chidc2.outbrain.com/l?token=53512c096944c5a325fd02528d726048_6817_1566823057970&tm=17560&eT=0&wRV=01021008&pVis=0&lsd=2e520cfe-1ada-4455-9f00-90c7fb167b15&eIdx=&cheq=0&ab=0&wl=0
Domain
images.outbrainimg.com
URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjlhOWUwMDAwYjBmMmFjNGNiOTY2NjI1NTczNDhjYjRiMzA1NTNiYTkyZDY3NjM4MTdiZTc4YzAyZDVkZTc0YjMiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Domain
images.outbrainimg.com
URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjdlYmM2ZmQxZWYxYTc5M2QxNGJhODkyNTkxMjNjNTliNDk2NmZjM2YxNzY4NDk2MTYwZDkxYTBlMmM3ZGRlZjMiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Domain
images.outbrainimg.com
URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjFkOGFhYmE2ZTRmZjIyODNhYjM2YjVlNjBjMjNmYjU0ODVmYTY4N2ZlNGQxZTE5NGFiZTkxYmMzZjRiZGEzMmUiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Domain
images.outbrainimg.com
URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjI0MzdmMDM1MDQzMTU3NDkwY2NlZmQyMzkzYjVlMDUxNzNjMWU5MjkwZDQzNzM2ZWY3NWE3OWQwM2Q1NTRkZjQiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Domain
images.outbrainimg.com
URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjA0NzhjMzQyZWJhMzZkM2U2ZDEwMjliZTM3ODg1ZTJmNGFhZGRjMDliYjI3Yzc3YjEzNDM4Yjg4ODNmNjIwNmQiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Domain
images.outbrainimg.com
URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImUxMzU3NTk5MDg5NWJkMzU4MGVjZjU4ZTkyZDBkZjU4YWM3YTA2YWU2MWI5ODZhOTYwYTM3YmRlNzc3ZDhjODciLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ars object| digitalData object| dataLayer object| googletag object| cns object| sparrowQueue object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_ltobserver object| google_js_reporting_queue function| processGoogleToken object| cnBus function| moatYieldReady object| _perfRefForUserTimingPolyfill object| __core-js_shared__ object| core object| fastdom object| BOOMR_mq object| CN object| apstag object| headertag object| Twig object| Arrive function| FPCountdown function| $ function| jQuery function| moment function| UAParser function| purl function| twig function| EvEmitter function| imagesLoaded function| easydropdown function| m function| transitionEnd string| $queryString function| arsVideoModulePlayerReady45224746 object| google_lt_queue object| google_tag_manager function| e object| visitor function| Visitor object| s_c_il number| s_c_in function| DIL object| dilInstance string| referrer object| urlParams string| queryString string| fullUrl object| myParam string| GoogleAnalyticsObject function| ga object| _qevents object| __adIq_Config string| b object| h object| _aam_dataLayer undefined| userId boolean| _aam_spa function| fbq function| _fbq function| twq function| getVisitNumCustom number| d string| _linkedin_partner_id object| _linkedin_data_partner_ids object| AIM function| snaptr object| r function| addPixel object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| PARSELY function| quantserve function| __qc object| ezt object| _qoptions object| Sailthru object| OBR string| OB_releaseVer function| OBR$ object| outbrain object| outbrain_rater function| docReady object| _0x9a6e function| _0x4bd0 object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| arrive function| unbindArrive function| leave function| unbindLeave

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
adservice.google.com
adservice.google.de
ak.sail-horizon.com
ampcid.google.com
ampcid.google.de
api.cnevids.com
apple.news
arstechnica.com
assets.adobedtm.com
c.amazon-adsystem.com
cdn.accelerator.arsdev.net
cdn.arstechnica.net
cdn.mediavoice.com
connect.facebook.net
d.turn.com
d1z2jf7jlzjs58.cloudfront.net
dpm.demdex.net
dwgyu36up6iuz.cloudfront.net
embed.actionbutton.co
images.outbrainimg.com
js-sec.indexww.com
log.outbrainimg.com
match.deepintent.com
mcdp-chidc2.outbrain.com
odb.outbrain.com
optanon.blob.core.windows.net
pixel.quantserve.com
pixel.tapad.com
player.cnevids.com
rules.quantcount.com
s.skimresources.com
sb.scorecardresearch.com
sc-static.net
secure.quantserve.com
securepubads.g.doubleclick.net
snap.licdn.com
srv-2019-08-26-12.config.parsely.com
static.ads-twitter.com
stats.g.doubleclick.net
tag.bounceexchange.com
tcheck.outbrainimg.com
widgets.outbrain.com
www.apple.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.medtargetsystem.com
z.moatads.com
assets.adobedtm.com
cdn.accelerator.arsdev.net
cdn.arstechnica.net
dpm.demdex.net
embed.actionbutton.co
images.outbrainimg.com
js-sec.indexww.com
match.deepintent.com
mcdp-chidc2.outbrain.com
optanon.blob.core.windows.net
pixel.quantserve.com
pixel.tapad.com
player.cnevids.com
s.skimresources.com
sb.scorecardresearch.com
sc-static.net
securepubads.g.doubleclick.net
srv-2019-08-26-12.config.parsely.com
static.ads-twitter.com
tag.bounceexchange.com
z.moatads.com
13.35.253.13
13.35.254.194
13.35.254.197
151.101.14.2
18.211.127.174
2.18.234.190
205.234.175.175
2600:9000:2057:400:6:44e3:f8c0:93a1
2606:4700::6813:d983
2a00:1450:4001:818::2004
2a00:1450:4001:819::2008
2a00:1450:4001:81a::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:821::2003
2a00:1450:4001:824::200e
2a00:1450:4001:825::200e
2a00:1450:400c:c04::9b
2a02:26f0:10c:381::3277
2a02:26f0:64:59a::1aca
2a02:26f0:6c00:296::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
46.228.164.13
50.31.169.131
52.1.219.33
54.200.217.108
64.202.112.31
91.228.74.225
92.122.252.200
99.86.1.198
030e91b7512dbb40e9b9057f20bcf54c296a7f28c04bbcde0f2d2706dd2a3a06
032027ea92b8b014594b64b514f922a12029c27c3dc27e5c11b09eabfaf810c3
039f13cdf684666dd973e2385f773385adb074039e8a832ec48e1ae35fb20c15
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08ed3bf6e73a999bafb422b878fb05b87269b00a65230c9457ce75aee10b873e
0a077a3a42d50a3a0f468f91548348a7d45fe106aee74defb2ea1d8d5c670d79
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16f86804dd013db340fee4020a539d3e9d6e5a03d6841e431e50c428e99c26e8
1a33134313364da630ab0d7c845a2167e97ecda944d688282bb1dd2e2fc152bf
1defb6bc54a7ee9c066136908360e8455c23ee9ad0dec9924e7255d7948cd4be
20660a9ef7ec454c15b2dc62b3db084e0cc9f74c5bb6de71a96fb1a54aef00f8
258d8580f268adeed3ae8317bd0dc2cb7702729dcd7529a0bfe3c6989774c93c
27348ba4b98bd80f1038496ec5dea6ad865680540058fb085b8ca199b8aaf4c5
29e53c8fbb6d3f11eaad33b4e45fd785d4bfe2e70ce4ea80e0bb5d125a86c24d
2bd0ed1f601395f2c7b777bdc52bba681ab91265df419ad3e841f0e3d8b8af2d
3b7d2b4c5417a697678081ed3b344955f0b25e694171178b0c01e029b4a18e8b
3ce7e824185893264ab44fbf8370a8f1262831c4c6c367b15f7d4f1e88fadc8c
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
41357b19e6561afbd7277a1bade976601b01f7784061adf690b8a7fd59247268
41daac81421329b7091d3ea33d91959ee08135224c28f3dcb523341fa2e90393
42a1b2424520b2ec7f7638174ed21c49a86aa353f7f51b0f35c8b9d2213595a5
4704fca31cd15f83a91c67e58a9acd46cf491d78fb2e2f8a6be760c8ae8cee7f
4868ca91bcd0d492c501ec5b8d44ac78d3e1226977ae14ff598f5efe78751951
49282a74c6ced31e99f808232188ade8d82652004df4d664dcdb98c32563dd39
4980853759711c8e9e2779239acd62e9e802fba38371763c65ecdd016a83fdbd
4ec4b6769730ca98db1f40b152c52bd5bec01f61f559fb92709c307750388ac8
52ef850ccc59b0291589524a0d69eb2e561df213979bf544132c92fa8b09b4fd
56d01047823b8e106f4fa063018b1ad9734cfbdd1180ec6b51a7c230e6c143d3
5a148e4d91ff4d1a1983593c6b96a1c2457dbf65c040e00369b6619b5685b2bf
5ab499494548829e507e9b6cd57247a6cd565e7f1bc6eb55e3da445af76f1f0c
5ecbfb541946a9a9437190a21d98e1c7ab7d863837d7d038a9a1e053c649c8ba
5f760e6eaa1fd8e199a7135ae74692369612ff5de37b99eb63bcb8ee7d615568
62c7d2da9a5942053f17c9756e53b7cda414541619bd35c2b1441cd88c77f235
69932e401ffd71025f7e4bd320ea4ade764c87a91c5acd9114e69d2aaaa19615
6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e
6f261533d4b74ae931965cf3609bf47bb55001e39eb7029502d96cec73c4749a
725913eab3460e2955a8ac4ec176f902c7d8d2db60757248b735cbf8698b0749
7364fcbb6c5d775f07816712af8a6419db99268f72c337a4977f706dc3423bb3
756b6d7d4ffd3bdc125c38472c06669f86d3ec8be5fdef674a2e4b57ea4be174
781c5596f9a65325ecfa652e4fe12760d429b1cf3070be38eb5d42ce6d83eb6d
78c8c364b438f0be81f1c51627902fda95b7aebdd2c04aee28c2f72cd4390207
7fb814cb1e0545a25c9f4bdc9ada88da44ae089ae8c9adfea25c02e725234c1b
82cd1a97f81e5b63a621311be2993916eea0907b5eadd53bb6b280f4bb0f8391
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a366075eb2387c6d9f848f42b08df0546027333eccf5813edf95ba45709be2
8574074952616e0a56e5b72d9634bff0a683d658d09804c10324293811606d22
8b72952d3fd656ee6594f0d9735d928113ad1d590705b14f77abf75f1d4d5d69
8eeebe9ec0ebf438041b7f26aa66336f7349ffd297ece3c1d515f1a62e2eea9e
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95a3b30a7fc60f195d30ee0470036c446b458de3ade45a82813e277b7b0ffba9
970e676c52b275a819ab9170ec4427370cc6c7033aa2e6b0b9cb71b977b72542
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9933997608e86beaf1e7f7188a5c657cdad8ccd9d20eb7b1a46adaa83fa850ab
a91d62b47f02a7e638d1749e3791ac328b2dd89dac630578f76e65b1ed91ed89
aa017f8747b8fbf75e39550f6564f71e856726e3555cd993aa6dcf148c947d47
abe1b56150adaf5a63a856eeb4f9e83fd5ab7f036d2a6bd608ae41f407bc3909
add1b20293d474cec83aa35548d37c08389d287e46dc16ac36876f0e57c9c79a
b29623f7b2ecfc69dc402ccfc1a0c73e1889ffdd4c13840a723fcc02bf550136
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
c21029f21dc145723d40362da85504ee5a5bd33f5db6636beae3a01c7aba1fa2
c7f2558d7005dc61e343b6abb61a63da8ace760a0fdd45cb0cc124b0de5b4c2f
c93eb99f954616977c62d3a21ac7705d3f23af66301d2082460e59d7a04053c4
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca7b4ec24908919f739fa9232488be0da7d4a4a6868d7e5472f5b9ae148fc83c
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
d373cdc98dd21157916f450a67b90653c4a5333eca71a4c0c2cba47c642ded25
d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa
d7e58d518f428757df7a7129b3b62a0f6820e5719b065302e1bdc5269c04b778
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec84902ae04cc118d965c577e2ece816abd594431ce66bcef1afd4f745e951fd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdbd8582066a12cf45115f1e150d2a8de06bf6b14db3feca98b116efeb9e0bb
f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec
f95836cdd8c1af1d8261e8e198a4c1dd306e2b50ddc389fe820b56212a9cb17d
f9d9e96c4439beeca49a1a10f9dffe6f5cd0b604d13aa13af170d0bc62d8ca1b
fe08f47d9fdb1cc392d658abae8b50ca9fe1c84a6ab81b86a46c20ae8c85d82c