In that story why was the replaying of HTTP requests so suspicious? They were cleartext requests sent over the internet, anyone could have seen the path.
Just because it's physically possible for someone to passively MITM a connection doesn't mean everyone and their dog is actually listening in on it. If they were, there'd be a booming industry of leaking celebrities' scandalous DNS requests. Instead, I'd suspect that actual actors with that capability wouldn't be burning it on small-time replay attacks.