9to5mac.com Open in urlscan Pro
192.0.66.2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Submission: On November 28 via manual (November 28th 2022, 4:38:30 am UTC) from US — Scanned from DE

Summary HTTP 301 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 60 IPs in 5 countries across 37 domains to perform 301 HTTP transactions. The main IP is 192.0.66.2, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is 9to5mac.com. The Cisco Umbrella rank of the primary domain is 74010.
TLS certificate: Issued by R3 on October 9th 2022. Valid for: 3 months.

This is the only time 9to5mac.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:20:... 2606:4700:20::681a:832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9e13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1	2600:9000:236... 2600:9000:236e:8000:9:674:7440:21	16509 (AMAZON-02) (AMAZON-02)
1 2	13.32.105.95 13.32.105.95	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:238... 2600:9000:238c:8600:11:1ed0:3900:21	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
8	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
8	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
1	63.34.81.234 63.34.81.234	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.42 143.204.215.42	16509 (AMAZON-02) (AMAZON-02)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
1	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1 7	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
4	34.246.116.247 34.246.116.247	16509 (AMAZON-02) (AMAZON-02)
12	2600:9000:205... 2600:9000:2057:e00:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223c:b800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	199.232.196.64 199.232.196.64	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
57	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
1	108.138.4.150 108.138.4.150	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
3 8	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
10	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
5	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f18:612... 2600:1f18:612b:4216:7c0:9dd:bfc5:265a	14618 (AMAZON-AES) (AMAZON-AES)
7 7	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
1	3.224.119.28 3.224.119.28	() ()
301	60

23 192.0.66.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

9to5mac.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:832 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

9to5mac-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9e13 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.9to5terminal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:8000:9:674:7440:21 (United States)

ASN16509 (AMAZON-02, US)

d35xxde4fgg0cx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.105.95 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-105-95.fra60.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:238c:8600:11:1ed0:3900:21 (United States)

ASN16509 (AMAZON-02, US)

d3div1mtym39ic.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

9to5maccom.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-42.fra53.r.cloudfront.net

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

nineto5mac-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.132 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

contributor.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.121.37 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.246.116.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-116-247.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:2057:e00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.64.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:b800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.196.64 (United States)

ASN54113 (FASTLY, US)

tempest.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

38e7dc5ccb2953c81d671a2cfae4782c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:612b:4216:7c0:9dd:bfc5:265a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.94.180.126 (Amsterdam, Netherlands) 7 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.224.119.28 (None, )

ASN- ()

1x1.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1006 trc.taboola.com — Cisco Umbrella Rank: 770 vidstat.taboola.com — Cisco Umbrella Rank: 2908 images.taboola.com — Cisco Umbrella Rank: 1522 imprammp.taboola.com — Cisco Umbrella Rank: 8157 am-match.taboola.com — Cisco Umbrella Rank: 8000 wf.taboola.com — Cisco Umbrella Rank: 3166 am-vid-events.taboola.com — Cisco Umbrella Rank: 7595 sync-t1.taboola.com — Cisco Umbrella Rank: 1111 vidstatb.taboola.com — Cisco Umbrella Rank: 6406 pips.taboola.com — Cisco Umbrella Rank: 1616 cds.taboola.com — Cisco Umbrella Rank: 1790	3 MB
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 38e7dc5ccb2953c81d671a2cfae4782c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 182	636 KB
23	9to5mac.com 9to5mac.com — Cisco Umbrella Rank: 74010	478 KB
22	doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 197 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 static.doubleclick.net — Cisco Umbrella Rank: 350 stats.g.doubleclick.net — Cisco Umbrella Rank: 142	246 KB
14	google.com 3 redirects contributor.google.com — Cisco Umbrella Rank: 21912 adservice.google.com — Cisco Umbrella Rank: 121 ampcid.google.com — Cisco Umbrella Rank: 2216 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2139 www.google.com — Cisco Umbrella Rank: 16	11 KB
14	disqus.com 9to5maccom.disqus.com — Cisco Umbrella Rank: 326762 disqus.com — Cisco Umbrella Rank: 1398 tempest.services.disqus.com — Cisco Umbrella Rank: 16291 referrer.disqus.com — Cisco Umbrella Rank: 6903	92 KB
12	disquscdn.com c.disquscdn.com — Cisco Umbrella Rank: 4303	521 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 370	234 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	189 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 93	749 KB
7	spotxchange.com 7 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 709	5 KB
7	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 192	6 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 84 region1.google-analytics.com — Cisco Umbrella Rank: 1166	20 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107 jnn-pa.googleapis.com — Cisco Umbrella Rank: 277	33 KB
5	tremorhub.com taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3502	911 B
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 454	1 KB
5	google.de adservice.google.de — Cisco Umbrella Rank: 5200 ampcid.google.de — Cisco Umbrella Rank: 45381 www.google.de — Cisco Umbrella Rank: 3269	2 KB
5	viglink.com cdn.viglink.com — Cisco Umbrella Rank: 9114 api.viglink.com — Cisco Umbrella Rank: 15959	30 KB
5	wp.com stats.wp.com — Cisco Umbrella Rank: 3342 i0.wp.com — Cisco Umbrella Rank: 3604 pixel.wp.com — Cisco Umbrella Rank: 2850	43 KB
3	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 410 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 704	4 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 106	184 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	121 KB
3	a-mo.net assets.a-mo.net — Cisco Umbrella Rank: 4361 prebid.a-mo.net — Cisco Umbrella Rank: 1193 1x1.a-mo.net	36 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 1524 api.btloader.com — Cisco Umbrella Rank: 1711	7 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1294 pixel.quantserve.com — Cisco Umbrella Rank: 908	10 KB
2	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 276	1 KB
2	cloudfront.net d35xxde4fgg0cx.cloudfront.net d3div1mtym39ic.cloudfront.net	63 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1725	1 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3771 p1.parsely.com — Cisco Umbrella Rank: 3008	19 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 961	466 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1212	633 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 866	643 B
1	openx.net nineto5mac-d.openx.net — Cisco Umbrella Rank: 142567	375 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 2025	5 KB
1	9to5terminal.com cdn.9to5terminal.com — Cisco Umbrella Rank: 137491	2 KB
1	videoplayerhub.com 1 redirects 9to5mac-com.videoplayerhub.com — Cisco Umbrella Rank: 165194	460 B
0	districtm.io Failed dmx.districtm.io Failed
301	37

	Domain	Requested by
33	tpc.googlesyndication.com	googleads.g.doubleclick.net 9to5mac.com tpc.googlesyndication.com securepubads.g.doubleclick.net cdn.ampproject.org pagead2.googlesyndication.com
23	images.taboola.com	9to5mac.com cdn.taboola.com
23	9to5mac.com	9to5mac.com
16	cdn.taboola.com	9to5mac.com cdn.taboola.com
12	c.disquscdn.com	9to5maccom.disqus.com disqus.com c.disquscdn.com 9to5mac.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net 9to5mac.com
11	cdn.ampproject.org	securepubads.g.doubleclick.net
10	pagead2.googlesyndication.com	9to5mac.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
8	www.google.com	3 redirects 9to5mac.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	www.youtube.com	9to5mac.com www.youtube.com
7	sync.search.spotxchange.com	7 redirects
7	sb.scorecardresearch.com	1 redirects 9to5mac.com cdn.taboola.com
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 9to5mac.com
5	sync-t1.taboola.com	imprammp.taboola.com am-match.taboola.com
5	taboola-supply-partners.tremorhub.com	imprammp.taboola.com am-match.taboola.com
5	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	trc.taboola.com	cdn.taboola.com 9to5mac.com
5	referrer.disqus.com	9to5mac.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com 9to5mac.com
4	jnn-pa.googleapis.com	www.youtube.com
4	disqus.com	9to5maccom.disqus.com c.disquscdn.com
4	api.viglink.com	cdn.viglink.com 9to5mac.com
3	wf.taboola.com	vidstat.taboola.com
3	am-match.taboola.com	vidstat.taboola.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	9to5maccom.disqus.com	9to5mac.com 9to5maccom.disqus.com
3	i0.wp.com	9to5mac.com
3	www.googletagmanager.com	9to5mac.com www.googletagmanager.com
3	www.googletagservices.com	9to5mac.com googleads.g.doubleclick.net
2	cds.taboola.com	cdn.taboola.com
2	pips.taboola.com	cdn.taboola.com
2	am-vid-events.taboola.com	9to5mac.com
2	imprammp.taboola.com	vidstat.taboola.com
2	tempest.services.disqus.com	9to5maccom.disqus.com
2	api.btloader.com	9to5mac-com.videoplayerhub.com
2	ib.adnxs.com	9to5mac.com
2	c.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	ad-delivery.net	9to5mac.com
2	fonts.googleapis.com	9to5mac.com googleads.g.doubleclick.net
1	1x1.a-mo.net	assets.a-mo.net
1	vidstatb.taboola.com	9to5mac.com
1	www.google.de	9to5mac.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	static.doubleclick.net	www.youtube.com
1	ampcid.google.de	www.google-analytics.com
1	fundingchoicesmessages.google.com	9to5mac.com
1	pixel.quantserve.com	9to5mac.com
1	38e7dc5ccb2953c81d671a2cfae4782c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ampcid.google.com	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	rules.quantcount.com	secure.quantserve.com
1	contributor.google.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	ap.lijit.com	9to5mac.com
1	nineto5mac-d.openx.net	9to5mac.com
1	prebid.a-mo.net	9to5mac.com
1	pixel.wp.com	9to5mac.com
1	secure.gravatar.com	9to5mac.com
1	cdn.viglink.com	9to5mac.com
1	p1.parsely.com	9to5mac.com
1	d3div1mtym39ic.cloudfront.net	9to5mac.com
1	d35xxde4fgg0cx.cloudfront.net	9to5mac.com
1	ad.doubleclick.net	9to5mac.com
1	stats.wp.com	9to5mac.com
1	cdn.parsely.com	9to5mac.com
1	cdn.9to5terminal.com	9to5mac.com
1	assets.a-mo.net	9to5mac.com
1	btloader.com	9to5mac.com
1	9to5mac-com.videoplayerhub.com	1 redirects
0	dmx.districtm.io Failed	9to5mac.com
301	76

This site contains links to these domains. Also see Links.

Domain
www.9to5mac.com
www.youtube.com
www.facebook.com
twitter.com
instagram.com
apple.news
www.linkedin.com
www.decluttr.com
9to5mac.ifixyouri.com
9to5toys.com
9to5google.com
electrek.co
dronedj.com
www.spaceexplored.com
www.nytimes.com
unsplash.com
news.google.com
facebook.com
nordvpn.com
amzn.to
wpvip.com

Subject Issuer	Validity	Valid
9to5mac.com R3	`2022-10-09` - `2023-01-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-09` - `2023-04-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-04-20`	a year	crt.sh
viglink.com Amazon	`2022-10-13` - `2023-11-11`	a year	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
*.a-mo.net R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2022-10-20` - `2023-01-18`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
a.disquscdn.com Amazon	`2022-09-30` - `2023-10-29`	a year	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-04` - `2023-12-06`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Frame ID: 6DF54EA3AB42C3952A57419441CB24EE
Requests: 121 HTTP requests in this frame

Frame: https://www.youtube.com/embed/HvuVDebeKGE?playlist=VB3qb9g_Fqw,byBL1CxTTjc,gUDMQ7vzoGI,cO1qG7b8um0,tWpOeB5ViZQ,7KVvy-AmMVU,0bjvZqNLPgk,nqQkvkTZeWw,sVDs-ZdAz9g
Frame ID: BC8E1B6B3AC8B9453F88BEDC6D614399
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 14FD557C04C286611B0E761B97929287
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2445248216782983&output=html&adk=1812271804&adf=3025194257&lmt=1669610302&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669610301823&bpp=4&bdt=532&idt=163&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=47243702042&frm=20&pv=2&ga_vid=2015005901.1669610302&ga_sid=1669610302&ga_hid=130576104&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770880%2C31070950&oid=2&pvsid=2755455747985498&tmod=1289237708&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=188
Frame ID: CD557B838D97795A7E73550342A4295A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2445248216782983&output=html&h=280&adk=466652548&adf=938554&w=336&fwrn=4&fwrnh=100&lmt=1669610302&rafmt=1&format=336x280&url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669610301827&bpp=3&bdt=537&idt=198&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=47243702042&frm=20&pv=1&ga_vid=2015005901.1669610302&ga_sid=1669610302&ga_hid=130576104&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770880%2C31070950&oid=2&pvsid=2755455747985498&tmod=1289237708&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=omd4cX6zW1&p=https%3A//9to5mac.com&dtd=205
Frame ID: EAF420AA9F75D12FEE72A67C4811F237
Requests: 12 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=9to5maccom&t_i=784062%20https%3A%2F%2F9to5mac.com%2F%3Fp%3D784062&t_u=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&t_e=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&t_d=US%20version%20of%20Pegasus%20spyware%20bought%20and%20tested%20by%20the%20FBI%20-%209to5Mac&t_t=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&s_o=default
Frame ID: 5621BBADD7AB00B02A2FD55D09BD9FE9
Requests: 13 HTTP requests in this frame

Frame: https://38e7dc5ccb2953c81d671a2cfae4782c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 94D30DA8337052C98FB65598A72D1BFA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Frame ID: D9C5DE3D706E2582E59821F74D58F460
Requests: 30 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Frame ID: D241A872B7A483F6ED974C935BC750FC
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2445248216782983&output=html&h=280&adk=3246872700&adf=2913659956&pi=t.aa~a.2541912099~i.23~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1669610302&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3052664160&ad_type=text_image&format=750x280&url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669610302400&bpp=2&bdt=1110&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9ad828b4d41e20c-22bb1aaca2d7006d%3AT%3D1669610302%3ART%3D1669610302%3AS%3DALNI_MbOy6QidpBlPnM1YpmLB0Vkbt_eeg&gpic=UID%3D00000b89384f255c%3AT%3D1669610302%3ART%3D1669610302%3AS%3DALNI_MYELYBknU-K_PN5sqRvCj-7_ilClQ&prev_fmts=0x0%2C336x280&nras=2&correlator=47243702042&frm=20&pv=1&ga_vid=2015005901.1669610302&ga_sid=1669610302&ga_hid=130576104&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2533&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770880%2C31070950&oid=2&pvsid=2755455747985498&tmod=1289237708&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=JTW0cDYYxb&p=https%3A//9to5mac.com&dtd=52
Frame ID: E1538167D5566E3847F7E5BD238F7BEC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/index.html
Frame ID: BBF99392E924ACC49464D03827BDCB23
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CeczBPjuEY4-nHfbYx_APg5uD-Avyg6qfbZ-K3K3MEO7DhsmcNxABIKyV4hRgleKQgqAHoAHc9KXUA8gBCakC_V3iep9wsT6oAwHIA0iqBO8BT9ApoHiUGApKh57q6ymqXLu7wZNmOalV3q4XZKnvFNlD0z5Lxg98QQ4p8w_lXdZbEKbPy_IC21do09_qIWI7puOOjyVr6nEC3pjfxcCg1YdPhhfWXfnZ9OeQG92nWla8th13COjwWIRGHyOoHNL8UN6DO8n4nCFh20C-E_ZtbpjLJ3SUdz1WZ466zFKPK-fx95_tFk_eiUvjlQniohdrVXoAVAQ17XM1Z-8nzDBINq1qz9xYsQIWn-HMpKbeeXJ4Rabnpy2Q403vjlTd3ItBUYMNRO3QTQ01MIWFNwaq016Wd0uOrZEeLbE5M4Vu5IrABI3q-sOLBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeMi9orqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQ04uoAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTI0NDUyNDgyMTY3ODI5ODMYAA&sigh=wi3MU0CyZmA&uach_m=[UACH]&cid=CAQSPADq26N9av6q8g9CK7xjqAodARB1sRT159QXn8RQzXUkgm4v4PzM1JO9i1Iss0SH9Jt-1fwHfe8z_ttiwRgBIBM&template_id=419
Frame ID: 0BCCCA75C20DB4130FE9291AC17A3419
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 67491C8306CB74AB58CBEB1A65D42237
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 59BA5DB5CCC3BC7BDEB5B1648EAA2147
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 04C7524C0D9ADE10F7DBA98612EB424A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: A6E69B147E5DB0C69901D8D2B5D3F9AC
Requests: 24 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V73scCFgOPxvDamJFn8ASPxvDamJFn8AUAAAAGBuIHJOYyrjwe12itGQ2Wa9HCZXMrF4vRWuawzDYO12I2XK2MQGIu48rjcY3WmtFguRYtXDa3crEYrWUOy2zjcC1mw9XKDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPoWwjF7Z3Nm0SogLTIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10-8jSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFR9CKwWB1BrQbrkaT2QEAAADc_f___-M1vitUMvfm0uqBjGuxMGw8xonLZLItNi6PYeSYGBeG1WrmsW0My-0dlf5RAf_NU_tN2GK0mkw2y-FsuZgMhqPhaLS_gRjsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCHMT38I1G4zcqpVp4RZtHMa1wjecrCUO28TkMFksNs9wLXp9TA_fyGOYuLwoGLC0F8nTIp0ojKPNyDLbLGYLy2binPk2rt1kshntlgvXbmZYWMQSzckincgu-45rsTBsPMaJy2SyLTYuj2HkmBgXhtVq5rFtDMt9b-JbuGaDkVu1Mi3coo3DuFb4hpO1xGGbmBwmi8XmGa5Fr4_p4Rt5DBOXvzGbLWeLwWYw2Tdms-VsMdgMJvsOk-mZ-pyNrunR7xF6E7vLVGZzGBQug8X7k5gW0-7s4Pn9jk6d-qUs6ozCy_foNSg8B4_q9tc5u6_r8TRd6rwHgyKWCC7Sicjpebw-b93T5HOZ3pqHzWV6nl22l9kyGPvtPtPDaTYsJ2KJ0nSRTvSSwWSyFyz2kuFe9XnLXpbP0293621uwcvn8Lw-b5nFaRFLBKeLdCJ6GU8X9R8fYriaSxabuWK1mitmy1UCAAAAAAAAAFjCnHkTAAAAgNNANsPhYLXOg9hMJqvNarkAD-oSusAgAAAAAAAAxY0fl5DT83h93rqnyecyvTUPm8v0PLtsL7NlMPbbfaaH02xYThngwWmRefNnglir1bIGAAAQwAYAAAjg1s1bQJgV_____x8HAAAgI0cPAAAgvg-k8sCFUi_8yE-Qi8Vo!&cmcv=&pix=undefined&cb=1669610304237&uv=3244&tms=1669610304237&abt=dfrc_vB!nrlc_vA!t45!ufm&ru=https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=fe8ecc54-3409-4aef-9114-fa26ca51685e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 92B8BA77EF0789F074B9273F63C0AFE9
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V73scCFgOPxvDamJFn8ASPxvDamJFn8AUAAAAGBuIHJOYyrjwe12itGQ2Wa9HCZXMrF4vRWuawzDYO12I2XK2MQGIu48rjcY3WmtFguRYtXDa3crEYrWUOy2zjcC1mw9XKDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPoWwjF7Z3Nm0SogLTIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10-8jSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFR9CKwWB1BrQbrkaT2QEAAADc_f___-M1vitUMvfm0uqBjGuxMGw8xonLZLItNi6PYeSYGBeG1WrmsW0My-0dlf5RAf_NU_tN2GK0mkw2y-FsuZgMhqPhaLS_gRjsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCHMT38I1G4zcqpVp4RZtHMa1wjecrCUO28TkMFksNs9wLXp9TA_fyGOYuLwoGLC0F8nTIp0ojKPNyDLbLGYLy2binPk2rt1kshntlgvXbmZYWMQSzckincgu-45rsTBsPMaJy2SyLTYuj2HkmBgXhtVq5rFtDMt9b-JbuGaDkVu1Mi3coo3DuFb4hpO1xGGbmBwmi8XmGa5Fr4_p4Rt5DBOXvzGbLWeLwWYw2Tdms-VsMdgMJvsOk-mZ-pyNrunR7xF6E7vLVGZzGBQug8X7k5gW0-7s4Pn9jk6d-qUs6ozCy_foNSg8B4_q9tc5u6_r8TRd6rwHgyKWCC7Sicjpebw-b93T5HOZ3pqHzWV6nl22l9kyGPvtPtPDaTYsJ2KJ0nSRTvSSwWSyFyz2kuFe9XnLXpbP0293621uwcvn8Lw-b5nFaRFLBKeLdCJ6GU8X9R8fYriaSxabuWK1mitmy1UCAAAAAAAAAFjCnHkTAAAAgNNANsPhYLXOg9hMJqvNarkAD-oSusAgAAAAAAAAxY0fl5DT83h93rqnyecyvTUPm8v0PLtsL7NlMPbbfaaH02xYThngwWmRefNnglir1bIGAAAQwAYAAAjg1s1bQJgV_____x8HAAAgI0cPAAAgvg-k8sCFUi_8yE-Qi8Vo!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: CFFC5219C893AD6D4BEC6E56570FD938
Requests: 4 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7Md8CFgMLsjucSnwDNwQLsjucSnwDNwUAAAAGBuIHJDBYGFajxWgtmsxMbtFsuVpLXCPDWrUxOSeG2cS12Y2GQAKDhWE1WozWosnM5BbNlqu1xDUyrFUbk3NimE1cm91oDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPodJLUNLBLF8ZooLYIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10M8vSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFFwCrM6DdcDWazA4AAADg7v___x-v8V2hkrk3l1YPhFa7mW9jmFicI5vNsRuMLJ7JZjhZuVab4WhkWW2P5pSbfSu6Jdxvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgN8CJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgZLRybjcO51nhmK7doZdu4JZbNzC1cLIaD5cQ225g2a9HrY3r4Rh7DxOZFwYClvUieFulEMBpZbDbfarPaLQyr5ciz2m0mNsfEsrFYJq7RwiKWaE4W6UR22ZdWu5lvY5hYnCObzbEbjCyeyWY4WblWm-FoZFntO6OFY7NxONcaz2zlFq1sG7fEspm5hYvFcLCc2GYb02Yten1MD9_IY5jY_I3ZbDlbDDaDzb4xmy1ni8FmsNl3mEzP1OdsdE2Pfo_Qm9hdpjKbw6BwGSzen8S0mHZnB8_vd3Tq1C9lUWcUXr5Hr0HhOXhUt7_O2X1dj6fpUuc9GBSxRHCRTkROz-P1eeueJp_L9NY8bC7T8-yyvcyWwdhv95keTrNhORFLlKaLdKKXDCaTvWCxlwz3qs9b9rJ8nn67W29zC14-h-f1ecssTotYIjhdpBPRy3i6qP_4EMPVXLLYzBWr1VwxW64SAAAAAAAAAMAS5sybAAAAAJwGshkOB6t1HsRmMlltVssFeFCX0AUGAQAAAAAAKG78uIScnsfr89Y9TT6X6a152Fym59lle5ktg7Hf7jM9nGbDcsoAD06LzJs_E8RarZY1AACAADYAAEAAt27eAsKs-P____84AAAAGTl6AAAA8X0glQculHrhR36CXAxGAw!&cmcv=&pix=undefined&cb=1669610304403&uv=3244&tms=1669610304403&abt=aatestfgc1_vA!t45!ufm&ru=https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=00a05414-42fd-4695-b5d0-5cd9b06b5374&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: CC72FD55CF5720C9BB2C9742D2FA660C
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7Md8CFgMLsjucSnwDNwQLsjucSnwDNwUAAAAGBuIHJDBYGFajxWgtmsxMbtFsuVpLXCPDWrUxOSeG2cS12Y2GQAKDhWE1WozWosnM5BbNlqu1xDUyrFUbk3NimE1cm91oDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPodJLUNLBLF8ZooLYIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10M8vSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFFwCrM6DdcDWazA4AAADg7v___x-v8V2hkrk3l1YPhFa7mW9jmFicI5vNsRuMLJ7JZjhZuVab4WhkWW2P5pSbfSu6Jdxvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgN8CJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgZLRybjcO51nhmK7doZdu4JZbNzC1cLIaD5cQ225g2a9HrY3r4Rh7DxOZFwYClvUieFulEMBpZbDbfarPaLQyr5ciz2m0mNsfEsrFYJq7RwiKWaE4W6UR22ZdWu5lvY5hYnCObzbEbjCyeyWY4WblWm-FoZFntO6OFY7NxONcaz2zlFq1sG7fEspm5hYvFcLCc2GYb02Yten1MD9_IY5jY_I3ZbDlbDDaDzb4xmy1ni8FmsNl3mEzP1OdsdE2Pfo_Qm9hdpjKbw6BwGSzen8S0mHZnB8_vd3Tq1C9lUWcUXr5Hr0HhOXhUt7_O2X1dj6fpUuc9GBSxRHCRTkROz-P1eeueJp_L9NY8bC7T8-yyvcyWwdhv95keTrNhORFLlKaLdKKXDCaTvWCxlwz3qs9b9rJ8nn67W29zC14-h-f1ecssTotYIjhdpBPRy3i6qP_4EMPVXLLYzBWr1VwxW64SAAAAAAAAAMAS5sybAAAAAJwGshkOB6t1HsRmMlltVssFeFCX0AUGAQAAAAAAKG78uIScnsfr89Y9TT6X6a152Fym59lle5ktg7Hf7jM9nGbDcsoAD06LzJs_E8RarZY1AACAADYAAEAAt27eAsKs-P____84AAAAGTl6AAAA8X0glQculHrhR36CXAxGAw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 5BCFC9F2BBC2467076267BCCD6BF2537
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7Md8CFgMLsjucSnwDNwQLsjucSnwDNwUAAAAGBuIHJDBYGFajxWgtmsxMbtFsuVpLXCPDWrUxOSeG2cS12Y2GQAKDhWE1WozWosnM5BbNlqu1xDUyrFUbk3NimE1cm91oDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPodJLUNLBLF8ZooLYIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10M8vSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFFwCrM6DdcDWazA4AAADg7v___x-v8V2hkrk3l1YPhFa7mW9jmFicI5vNsRuMLJ7JZjhZuVab4WhkWW2P5pSbfSu6Jdxvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgN8CJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgZLRybjcO51nhmK7doZdu4JZbNzC1cLIaD5cQ225g2a9HrY3r4Rh7DxOZFwYClvUieFulEMBpZbDbfarPaLQyr5ciz2m0mNsfEsrFYJq7RwiKWaE4W6UR22ZdWu5lvY5hYnCObzbEbjCyeyWY4WblWm-FoZFntO6OFY7NxONcaz2zlFq1sG7fEspm5hYvFcLCc2GYb02Yten1MD9_IY5jY_I3ZbDlbDDaDzb4xmy1ni8FmsNl3mEzP1OdsdE2Pfo_Qm9hdpjKbw6BwGSzen8S0mHZnB8_vd3Tq1C9lUWcUXr5Hr0HhOXhUt7_O2X1dj6fpUuc9GBSxRHCRTkROz-P1eeueJp_L9NY8bC7T8-yyvcyWwdhv95keTrNhORFLlKaLdKKXDCaTvWCxlwz3qs9b9rJ8nn67W29zC14-h-f1ecssTotYIjhdpBPRy3i6qP_4EMPVXLLYzBWr1VwxW64SAAAAAAAAAMAS5sybAAAAAJwGshkOB6t1HsRmMlltVssFeFCX0AUGAQAAAAAAKG78uIScnsfr89Y9TT6X6a152Fym59lle5ktg7Hf7jM9nGbDcsoAD06LzJs_E8RarZY1AACAADYAAEAAt27eAsKs-P____84AAAAGTl6AAAA8X0glQculHrhR36CXAxGAw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 4C26DEEB6CFAEB2D4AC41975897985F5
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D0A622266377C08AC9A183A1AE63B124
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A3F18A24913A84A373D46E172916218D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

US version of Pegasus spyware bought and tested by the FBI - 9to5MacGoogle News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:^[^/]*//[^/]*viglink\.com/api/|vglnk\.js)

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

301
Requests

96 %
HTTPS

59 %
IPv6

37
Domains

76
Subdomains

60
IPs

5
Countries

6514 kB
Transfer

15889 kB
Size

22
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://www.9to5mac.com/store
Title: Store

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/9to5mac

Search URL Search Domain Scan URL

URL: https://www.facebook.com/9to5mac/

Search URL Search Domain Scan URL

URL: http://twitter.com/9to5mac

Search URL Search Domain Scan URL

URL: https://instagram.com/9to5mac

Search URL Search Domain Scan URL

URL: https://apple.news/THIO8RUsFTaaGHbdNl6KqOQ

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/9to5mac.com

Search URL Search Domain Scan URL

URL: https://www.decluttr.com/9to5mac?utm_campaign=9to5mac&utm_medium=referral&utm_source=9to5mac&utm_term=&utm_content=#tradein
Title: Cashback

Search URL Search Domain Scan URL

URL: https://9to5mac.ifixyouri.com/
Title: Fix

Search URL Search Domain Scan URL

URL: https://9to5toys.com/
Title: 9to5Toys

Search URL Search Domain Scan URL

URL: https://9to5google.com/
Title: 9to5Google

Search URL Search Domain Scan URL

URL: https://electrek.co/
Title: Electrek

Search URL Search Domain Scan URL

URL: https://dronedj.com/
Title: DroneDJ

Search URL Search Domain Scan URL

URL: https://www.spaceexplored.com/
Title: Space Explored

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/follow?screen_name=benlovejoy&original_referer=https%3A%2F%2F9to5mac.com
Title: @benlovejoy

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2022/01/28/magazine/nso-group-israel-spyware.html
Title: New York Times

Search URL Search Domain Scan URL

URL: https://unsplash.com/@bbphotos?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText
Title: Simerpreet Singh

Search URL Search Domain Scan URL

URL: https://unsplash.com/s/photos/iphone?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText
Title: Unsplash

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBggKMLOFATDAGg?hl=en-US&gl=US&ceid=US:en
Title: Add 9to5Mac to your Google News feed. Google News google-news

Search URL Search Domain Scan URL

URL: http://facebook.com/9to5mac
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/9to5mac.com/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/9to5mac
Title: subscribe to our YouTube channel

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/9to5mac?sub_confirmation=1
Title: Check out 9to5Mac on YouTube for more Apple news:

Search URL Search Domain Scan URL

URL: https://nordvpn.com/9to5mac
Title: NordVPN

Search URL Search Domain Scan URL

URL: https://amzn.to/3wPKoFz
Title: Dell 49-inch curved monitor

Search URL Search Domain Scan URL

URL: https://wpvip.com/?utm_source=vip_powered_wpcom&utm_medium=web&utm_campaign=VIP%20Footer%20Credit&utm_term=9to5mac.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://9to5mac-com.videoplayerhub.com/gallery.js?ver=6.1.1 HTTP 301
https://btloader.com/tag?h=9to5mac-com&upapi=true

Request Chain 27

https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

Request Chain 210

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 253

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 254

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 262

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=7e9bc92d-6ed6-11ed-8689-1a27ea400206 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7e9bc8e3-6ed6-11ed-8689-1a27ea400206&orig=video&us_privacy=1---gdpr=1&

Request Chain 265

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=7e9ec663-6ed6-11ed-942d-1ce730eb0506 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7e9bc8e3-6ed6-11ed-8689-1a27ea400206&orig=video&us_privacy=1---gdpr=1&

Request Chain 277

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7e9bc8e3-6ed6-11ed-8689-1a27ea400206&orig=video&us_privacy=1---gdpr=1&

Request Chain 280

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7e9bc8e3-6ed6-11ed-8689-1a27ea400206&orig=video&us_privacy=1---gdpr=1&

Request Chain 291

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7e9bc8e3-6ed6-11ed-8689-1a27ea400206&orig=video&us_privacy=1---gdpr=1&

Request Chain 295

https://sb.scorecardresearch.com/c2/20278522/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

301 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/ 105 KB
25 KB 488ms
450ms Document
text/html 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

f403f0d0b079edc5d905f0809df0e2d4cef9d8421a53795fbb8c797f665bc7e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=300, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 28 Nov 2022 04:38:21 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://9to5mac.com/wp-json/>; rel="https://api.w.org/" <https://9to5mac.com/wp-json/wp/v2/posts/784062>; rel="alternate"; type="application/json" <https://9to5mac.com/?p=784062>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: miss
x-distributor: yes
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn2 0 4 9980

GET
H2 200 adsbygoogle.js Show response
9to5mac.com/wp-content/themes/9to5-2015/assets/js/ 21 B
154 B 9ms
6ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5mac.com/wp-content/themes/9to5-2015/assets/js/adsbygoogle.js

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
x-rq: hhn2 0 4 9980
strict-transport-security: max-age=31536000
last-modified: Wed, 05 Oct 2022 16:07:26 GMT
server: nginx
age: 3503841
etag: "633dabbe-15"
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 21
expires: Tue, 28 Nov 2023 04:38:21 GMT

GET
H2 200 /
9to5mac.com/_static/ 108 KB
15 KB 10ms
6ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5mac.com/_static/??-eJyNj9EKwjAMRX/ILgxx6IP4LV0atmralSZD+vd2E2UDH3y8yT3JvfBMxkfk2ZEAioDzotDzhA/Dvs82FxAtTE3wsamGA2yJu0Ag5y0xBYq6E4ltoWyYBovlP7zutnoH4RR1fTGbxPPgo4CQzTgCsRX1mDJ98i9Fch0rOZMmUTHvRmsT+Z1lYbBeEo9Gx/r/67uFa9t1l/Z4OZ27FyeYcfU=

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b395a9adbc18174a906ebe2c585487fc17c24c5a6976b8f4e1b67cc7cb0ba804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
x-rq: hhn2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 15 Nov 2022 19:44:35 GMT
server: nginx
age: 462969
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15666

GET
H2 200 darkmode.css
9to5mac.com/wp-content/themes/9to5-2015/assets/css/ 41 KB
6 KB 11ms
7ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5mac.com/wp-content/themes/9to5-2015/assets/css/darkmode.css?m=1669139384g

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

87d200b2913e86f1402caa9485683207064daaa4ffa44edc2e91f9164e04fa38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
x-rq: hhn2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 21 Nov 2022 18:14:12 GMT
server: nginx
age: 371463
etag: W/"637bbff4-a500"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5622
expires: Tue, 28 Nov 2023 04:38:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 141ms
50ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d34c38d26434ae7eb5e6c35db3038c1365c838952713ac97d2f2f1e82f3a8750

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://9to5mac.com/
Origin: https://9to5mac.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Nov 2022 04:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 04:38:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Nov 2022 04:38:21 GMT

GET
H2 200 /
9to5mac.com/_static/ 425 KB
84 KB 16ms
13ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5mac.com/_static/??-eJyVjEkKgDAQBD9kHBfichDfEuJAgkkUekT8vaLgPbeGqmo6d2W3JJyExHFk0CibVk1VazIAC8gChODtWj6roJxCvUZeJ1dglNGnP/PJhmPhjy8Gzj9HvzLHqe66sWmHvtc3AOFIxA==

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

509e5acf0b7b0ec6f47344db8156e6a61efc34e1c52e6c8908495e086615003b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
x-rq: hhn2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 21:26:15 GMT
server: nginx
age: 371463
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 85879

GET
H2 200 / Show response
9to5mac.com/_static/ 102 KB
35 KB 11ms
8ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5mac.com/_static/??/wp-includes/js/jquery/jquery.min.js,/wp-includes/js/jquery/jquery-migrate.min.js,/wp-content/themes/9to5-2015/assets/js/vendor/darkmode.js?m=1669139384j

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6cb4e5459b8592b083b9ad65323531f8bef596f9f1175adfd98c8bcdb05f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
x-rq: hhn2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 21 Nov 2022 18:14:12 GMT
server: nginx
age: 371463
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 35649

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://9to5mac-com.videoplayerhub.com/gallery.js?ver=6.1.1
https://btloader.com/tag?h=9to5mac-com&upapi=true

13 KB
6 KB

42ms
16ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=9to5mac-com&upapi=true
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19ddbae80f8d0be759f52ce9dd6245357a62563ce38c0d3f6523e99e129b862f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Nov 2022 03:44:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3259
etag: W/"c3305865233f2a065ea394a803d4a533"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRhzCG8APLy4M2REu7KcSEcTxLJIvCvgSHVdkN0to00wU5p1aHJg74JU7F6jhRPV2nC24kLDaig5JZ7MXpkEmJRYjMmjMBmsKXkuM7tR1GCNT6RRvRN%2Fvqt2zQkfk1VSVKwiL5p3ZUfUfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray: 771069dfe94c9a06-FRA

Redirect headers

date: Mon, 28 Nov 2022 04:38:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdVrktV7mSqKi0kszkfNHEOy44%2BA1qcnoy1ndVL%2BHIRWEsludDMUIOvQ1Ed1CCjOlWWcOCt90W%2Fo4UkM07AfPlgt4uZlMDLczMoe7e56lPVhLHhKZTq7frp4UXDz4naam4zJP5K6yi7PKlU61wSBksz225J4UltPHjjV1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=9to5mac-com&upapi=true
cache-control: max-age=3600
cf-ray: 771069df99bb5b8c-FRA
expires: Mon, 28 Nov 2022 05:38:21 GMT

GET
H2 200 adapter.js Show response
assets.a-mo.net/js/ 98 KB
36 KB 56ms
21ms Script
text/javascript 2606:4700::6813:9e13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.a-mo.net/js/adapter.js
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84f0ba0f89aacc80428c7ccb9a0bc87a2ab4d7cf7149a8056bd74a53e4a2f036

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
via: 1.1 dc0383f8a7f988bb3d615f033fbb4aac.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: LHR62-C3
age: 490
x-cache: Hit from cloudfront
last-modified: Fri, 23 Oct 2020 19:31:54 GMT
server: cloudflare
etag: W/"0d8e5fd90e537bfc6ab28bae6c236f83"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-ray: 771069df8e7d9962-FRA
x-amz-cf-id: OL4VO-lSGKpDzt_pNGURIsGlbMv69JNl0lhIRoQ2ZOSfas-2DcnwwA==
expires: Mon, 28 Nov 2022 05:38:21 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 137ms
45ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27210
x-xss-protection: 0
server: sffe
etag: "1405 / 52 of 1000 / last-modified: 1669244741"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 28 Nov 2022 04:38:21 GMT

GET
H2 200 prebid1.20.0.js Show response
9to5mac.com/wp-content/themes/9to5-2015/assets/js/vendor/ 107 KB
33 KB 14ms
8ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5mac.com/wp-content/themes/9to5-2015/assets/js/vendor/prebid1.20.0.js

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4136ce48fe46a8abc46955ba0309afb0a2e0f8446750d4916b0b0340d594d6ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
x-rq: hhn2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 05 Oct 2022 16:07:26 GMT
server: nginx
age: 3503841
etag: W/"633dabbe-1aae0"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 33717
expires: Tue, 28 Nov 2023 04:38:21 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 184ms
74ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4966678ef68d93add07ae12f2ac8fae8a7a411ddc854f66a046b232445e4cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49596
x-xss-protection: 0
server: cafe
etag: 7264734428583623681
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 04:38:21 GMT

GET
H2 200 cropped-cropped-9to5-mac-logo-min1.png
9to5mac.com/wp-content/uploads/sites/6/2018/10/ 9 KB
9 KB 15ms
9ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9to5mac.com/wp-content/uploads/sites/6/2018/10/cropped-cropped-9to5-mac-logo-min1.png

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ccdb4f9af6f32b53e02ae440bff95717369c92d864cbdceb54f5f5aff5ef17dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
strict-transport-security: max-age=31536000
x-rq: hhn2 109 144 443
last-modified: Wed, 23 Nov 2022 13:34:54 GMT
server: nginx
etag: "27c771bee9444c19"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9468
expires: Thu, 23 Nov 2023 13:34:54 GMT

GET
H2 200 vip-powered-light-small.png
9to5mac.com/wp-content/mu-plugins/vip-helpers/images/ 2 KB
2 KB 17ms
11ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9to5mac.com/wp-content/mu-plugins/vip-helpers/images/vip-powered-light-small.png?ver=20220317

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2e4d08fe871a7738aa3b3dcb95cfbd0e071765fcc681d17e37f12cd34b443066

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
x-rq: hhn2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 03 Oct 2022 21:21:30 GMT
server: nginx
age: 3555710
etag: W/"633b525a-843"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2138
expires: Tue, 28 Nov 2023 04:38:21 GMT

GET
H2 200 push.js Show response
cdn.9to5terminal.com/ 7 KB
2 KB 71ms
22ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.9to5terminal.com/push.js
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eea1bc2b2eed432feaa23056be7d9d14425b94c8f4ffff8bdaca7b79a697158b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: H4XQJ4P8T2VDQNA2
age: 6662
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: a5nFiEkVAiZy7jhm9XZvIJ4+pkqooMCbJdM9Oa33gBu6Jo0H2bWTu+fxq7cbnADKYFjFjL1sPUg=
last-modified: Tue, 14 Jan 2020 09:51:05 GMT
server: cloudflare
etag: W/"70fb6607d95585f326a54fb54f2e071e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rluVpVgUJXpsb5Ds%2BrepOn9OAPBmEhpov%2FS6wPfDHtj1qJU5XQvpzkqdSuYnn1gi2dGPwEWqZd8FKVG%2B2leT%2FaE1Kcx1miEO2E6csQJXVJ8lyJzWy8DCMkljPpTQEqD64f%2BOjQAN%2BDTyCLJnJizqBAQyQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 771069e0af8fbbda-FRA

GET
H2 200 / Show response
9to5mac.com/_static/ 103 KB
31 KB 6ms
6ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5mac.com/_static/??-eJyVkc1OAzEMhF+IrFnKVuwB8ShoN/G2XhI7jZ2i8vSkSD0gyt/Z841nNPCanRc2ZAPbY0KF0WRwd7f9AJMqmsKqkCRgYXorTqrlat2qN/A3lInRZKEjdon4HyDxQkyGTn2RGF0uOFO4ZpJj3RErBNJDVch1juTPFl5SaoJnL5W/ZP6VwjRjuFDEPtaAH8kaYXBEDlKg4A4Zy2RSXGlfKH3q+R3WTlniaaEYf5TvRV70WudU3aXA2WsqivHkNt0Ac6UYIMrUJmvUU3rst9ux34zDw/36DtcItb8=

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9215e17df92fe30d4f82d37a1c2a592060840e4534501aa62ee3b8295c02dbaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
x-rq: hhn2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 22 Nov 2022 17:53:04 GMT
server: nginx
age: 371410
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 32002

GET
H2 200 p.js Show response
cdn.parsely.com/keys/9to5mac.com/ 50 KB
19 KB 47ms
9ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/9to5mac.com/p.js?ver=3.5.2
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b0df4d607500f22c2ab2cca5a36c2a787f28bbcd36c3d284a78a671ddace7ccd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: public
date: Sun, 27 Nov 2022 19:09:02 GMT
content-encoding: gzip
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 20:29:51 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 34158
etag: W/"619bfdbf-c8aa"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: C6AiVnSPMa82EgJbqrCdxlqKTzCef_pNIK7m0D2_fmJtloGVkCponA==
expires: Mon, 28 Nov 2022 19:09:02 GMT

GET
H2 200 / Show response
9to5mac.com/_static/ 9 KB
4 KB 7ms
7ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5mac.com/_static/??/wp-content/plugins/pushup/js/pushup.min.js,/wp-includes/js/comment-reply.min.js,/wp-content/themes/9to5-2015/assets/js/vendor/stickybits.min.js?m=1669139384j

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0b3cf9af12ee8508f16a0585a505d12a48bd7276a31d0f7e642a6bb5e82e1eaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
x-rq: hhn2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 22 Nov 2022 17:49:44 GMT
server: nginx
age: 371410
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3778

GET
H2 200 mediaelement-and-player.min.js Show response
9to5mac.com/wp-includes/js/mediaelement/ 154 KB
38 KB 14ms
6ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5mac.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
x-rq: hhn2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 02 Nov 2022 01:44:19 GMT
server: nginx
age: 2199056
etag: W/"6361cb73-26935"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 38823
expires: Tue, 28 Nov 2023 04:38:21 GMT

GET
H2 200 / Show response
9to5mac.com/_static/ 2 KB
962 B 14ms
7ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5mac.com/_static/??-eJzTLy/QzcxLzilNSS3WzyrWz01NyUxMzUnNTc0rQeHo5mamFyWWpOrlZubpZRXr6OPTCJRD5kP12OfaGpqZWZiaGJqYm2YBAA7eLGM=

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

62d7063193d6e769104780b14db028cc0a725a4e074ffd59711fcd054c800795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
x-rq: hhn2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 15 Nov 2022 19:44:35 GMT
server: nginx
age: 466318
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 921

GET
H2 200 e-202248.js Show response
stats.wp.com/ 9 KB
3 KB 35ms
6ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202248.js
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn
date: Mon, 28 Nov 2022 04:38:21 GMT
content-encoding: br
server: nginx
etag: W/"62f6b688-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 20 Nov 2023 00:47:04 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 191 KB
68 KB 182ms
91ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M48W9J

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

667875e96abe467776ed6bfd14a9227bb6a87bff91afc20c5024bdb1755e4709

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69914
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 28 Nov 2022 04:38:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 110 KB
41 KB 138ms
47ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K5T6XC3

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c49ead6cf8abfb76c0244bc9e907f147995a5b2b48e58586ce7d3e9d0e39e9fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41703
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 28 Nov 2022 04:38:21 GMT

GET
H2 200 wp-emoji-release.min.js Show response
9to5mac.com/wp-includes/js/ 18 KB
5 KB 14ms
9ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5mac.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
x-rq: hhn2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 15 Nov 2022 19:44:36 GMT
server: nginx
age: 1063539
etag: W/"6373ec24-48b9"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5004
expires: Tue, 28 Nov 2023 04:38:21 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
948 B 62ms
20ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 745488
x-guploader-uploadid: ADPycdtcZgdRu0Dbe_-zY88bQ8eIM69ORy5rFnERfb9QLa8uwe4zq9JKKnYv9jLk9eVUM-X-OLZWrFIeMh91sZ7iOqav3FUDQGrE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3divz%2FjR5IziyfyiwK5EgA536tQANdvpdFMg1JPhwbi24oFwE%2FNi44BIEU2J8tU7SEcDFdhrEU3%2FgEazIK9aW%2BIyozbR3EhlMmJSt3%2B3%2BJQ3GvYpvJ9kVTGvzJBlHYOvQOxm5clNK0RqzHeag%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 771069e09cd9bb4a-FRA
expires: Sat, 19 Nov 2022 14:29:22 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 146ms
37ms Image
image/x-icon 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 12:59:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 28 Nov 2022 12:59:37 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
340 B 63ms
22ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.5894751280104895
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 745488
x-guploader-uploadid: ADPycdtcZgdRu0Dbe_-zY88bQ8eIM69ORy5rFnERfb9QLa8uwe4zq9JKKnYv9jLk9eVUM-X-OLZWrFIeMh91sZ7iOqav3FUDQGrE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SB1IhR0SwT5CfQnAHMRbYWpv3rPw63gdni00dpHShDWZbO7Dgbe1UKg%2BMlz%2FXlgX%2B9wqrfv3Qk%2BR6Au9%2B7s5ozmeUBgeINyw5fLMSBziLfX14qRjIAW1T7nuZoUoo5PXQav9RVrq5TsOvwoeew%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 771069e09cddbb4a-FRA
expires: Sat, 19 Nov 2022 14:29:22 GMT

GET
H/1.1 200
OK embedded.js Show response
d35xxde4fgg0cx.cloudfront.net/assets/ 44 KB
23 KB 45ms
8ms Script
application/javascript 2600:9000:236e:8000:9:674:7440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d35xxde4fgg0cx.cloudfront.net/assets/embedded.js

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:8000:9:674:7440:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3b730c64c44e77c40ebc8d01c3a380570b802f6f61f271d716c387991635b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000
Content-Encoding: gzip
Via: 1.1 vegur, 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
CF-Cache-Status: DYNAMIC
Date: Mon, 28 Nov 2022 03:33:51 GMT
X-Amz-Cf-Pop: FRA60-P1
Age: 3882
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 22908
Last-Modified: Thu, 24 Nov 2022 09:03:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=7200
CF-RAY: 76f124ea49e790c6-FRA
X-Amz-Cf-Id: 4k-0iTthhJxRfRWpHEbCmhaSNFEa27Mgi8bDk1FqZh5Oel8yBczWqw==

GET
H2

200

apstag.js Show response
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain

https://c.amazon-adsystem.com/aax2/apstag.js
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

178 KB
40 KB

650ms
226ms

Script
application/javascript

2600:9000:238c:8600:11:1ed0:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Server: 2600:9000:238c:8600:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 03:41:51 GMT
content-encoding: br
via: 1.1 aaa88d2438e547ab91716d4225b08e20.cloudfront.net (CloudFront)
last-modified: Wed, 09 Nov 2022 20:51:51 GMT
server: AmazonS3
x-amz-cf-pop: BOM78-P6
age: 3392
x-amz-server-side-encryption: AES256
etag: W/"e675a6dfe90787fca79a6c96fd29c2d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: jItRyv5bmqDRrvu39WSXXiC-4PeHu7_GhS6aK54CiYF8eN2YBIYBKQ==

Redirect headers

date: Mon, 28 Nov 2022 00:42:24 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront), 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1, FRA60-P1
age: 14157
x-cache: Hit from cloudfront
content-type: text/html
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length: 167
x-amz-cf-id: ikpaHqGwhrVMLvbqlwbPvt5tS_EV23NcZhwLQ7bk7OR0ZMoneBGsSQ==

GET
H2 200 svg-sprite-2020.svg
9to5mac.com/wp-content/themes/9to5-2015/images/ 75 KB
22 KB 14ms
11ms Other
image/svg+xml 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5mac.com/wp-content/themes/9to5-2015/images/svg-sprite-2020.svg?ver=1669139384

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

11a3e2f84a2f9d98bfc3a089636bc2740572f27b94ef649b6a56c6432ba5af95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
content-encoding: gzip
x-rq: hhn2 0 4 9980
last-modified: Tue, 22 Nov 2022 17:49:44 GMT
server: nginx
strict-transport-security: max-age=31536000
age: 192
etag: W/"637d0bb8-12bb2"
vary: X-Mobile-Class
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 22685
expires: Tue, 28 Nov 2023 04:38:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 125ms
37ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9to5mac.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 228208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 13:14:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 134ms
47ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9to5mac.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 376076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 20:10:25 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 211ms
126ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9to5mac.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 20:22:20 GMT
x-content-type-options: nosniff
age: 202561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 20:22:20 GMT

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 185b37f6935a30be6a5e613ef0f18ca43622a0a62964e1ed88f8bd96c03830d6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 15 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5958b8a9d0305d805f41bae7c315e34e46b76a1bab8f530b5cf9711a6e45862

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc8a74cc1c2bd638de7ac7e7cdb1839c18dd964fedbcf22697b882238245b97a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 top-leaderboard-bg.png
9to5mac.com/wp-content/themes/9to5-2015/images/ 374 B
425 B 6ms
6ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9to5mac.com/wp-content/themes/9to5-2015/images/top-leaderboard-bg.png

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

96f3b885965ded818806762fde9e7a2dba777005f479d30a6496af7aebbd5ea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
x-rq: hhn2 0 4 9980
strict-transport-security: max-age=31536000
last-modified: Wed, 05 Oct 2022 16:07:26 GMT
server: nginx
age: 3555710
etag: "633dabbe-176"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 374
expires: Tue, 28 Nov 2023 04:38:21 GMT

GET
H2 200 QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v18/ 19 KB
19 KB 152ms
110ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9to5mac.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 20:27:19 GMT
x-content-type-options: nosniff
age: 202262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19292
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 20:27:19 GMT

GET
H2 200 9to5.woff2
9to5mac.com/wp-content/themes/9to5-2015/assets/fonts/ 2 KB
2 KB 7ms
6ms Font
application/font-woff2 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5mac.com/wp-content/themes/9to5-2015/assets/fonts/9to5.woff2?r027eh

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/_static/??-eJyVjEkKgDAQBD9kHBfichDfEuJAgkkUekT8vaLgPbeGqmo6d2W3JJyExHFk0CibVk1VazIAC8gChODtWj6roJxCvUZeJ1dglNGnP/PJhmPhjy8Gzj9HvzLHqe66sWmHvtc3AOFIxA==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

59b4588816ca9e84d8033925306d2f62e55a2e9e3ca96352256c82aa06f825cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://9to5mac.com/_static/??-eJyVjEkKgDAQBD9kHBfichDfEuJAgkkUekT8vaLgPbeGqmo6d2W3JJyExHFk0CibVk1VazIAC8gChODtWj6roJxCvUZeJ1dglNGnP/PJhmPhjy8Gzj9HvzLHqe66sWmHvtc3AOFIxA==
Origin: https://9to5mac.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
age: 192
x-cache: hit
content-length: 2287
x-rq: hhn2 0 4 9980
last-modified: Tue, 22 Nov 2022 17:49:44 GMT
server: nginx
etag: W/"637d0bb8-8d8"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 04:38:21 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 135ms
93ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9to5mac.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 11:25:53 GMT
x-content-type-options: nosniff
age: 580348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 11:25:53 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 121ms
79ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9to5mac.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 23:46:25 GMT
x-content-type-options: nosniff
age: 103916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17508
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Nov 2023 23:46:25 GMT

GET
H2 200 US-version-of-Pegasus-was-bought-and-tested-by-the-FBI.jpg
i0.wp.com/9to5mac.com/wp-content/uploads/sites/6/2022/01/ 27 KB
27 KB 270ms
245ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/9to5mac.com/wp-content/uploads/sites/6/2022/01/US-version-of-Pegasus-was-bought-and-tested-by-the-FBI.jpg?w=2000&quality=82&strip=all&ssl=1

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

8bfeca6ea4b8303c8049e80d773e66416968e2a1efa35024324a113493edce6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: MISS hhn 3
date: Mon, 28 Nov 2022 04:38:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Nov 2022 04:38:21 GMT
server: nginx
etag: "0e6822bef74eaedc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://9to5mac.com/wp-content/uploads/sites/6/2022/01/US-version-of-Pegasus-was-bought-and-tested-by-the-FBI.jpg>; rel="canonical"
content-length: 27662
expires: Wed, 27 Nov 2024 16:38:21 GMT

GET
H2 200 HvuVDebeKGE Show response
www.youtube.com/embed/ Frame BC8E 43 KB
13 KB 447ms
330ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/HvuVDebeKGE?playlist=VB3qb9g_Fqw,byBL1CxTTjc,gUDMQ7vzoGI,cO1qG7b8um0,tWpOeB5ViZQ,7KVvy-AmMVU,0bjvZqNLPgk,nqQkvkTZeWw,sVDs-ZdAz9g

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fc04012ffaeb218a2a0d95ed2da41d7f479170c4ed21055d377b467f6969427f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9to5mac.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 04:38:21 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 102 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 442d89f52e547c09e65138356e0500d4d34f44d43177425ba08050c0f32bd011

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: text/css;charset=UTF-8

GET
H/1.1 200
OK count.js Show response
9to5maccom.disqus.com/ 1 KB
2 KB 39ms
6ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5maccom.disqus.com/count.js

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/_static/??-eJyVkc1OAzEMhF+IrFnKVuwB8ShoN/G2XhI7jZ2i8vSkSD0gyt/Z841nNPCanRc2ZAPbY0KF0WRwd7f9AJMqmsKqkCRgYXorTqrlat2qN/A3lInRZKEjdon4HyDxQkyGTn2RGF0uOFO4ZpJj3RErBNJDVch1juTPFl5SaoJnL5W/ZP6VwjRjuFDEPtaAH8kaYXBEDlKg4A4Zy2RSXGlfKH3q+R3WTlniaaEYf5TvRV70WudU3aXA2WsqivHkNt0Ac6UYIMrUJmvUU3rst9ux34zDw/36DtcItb8=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 04:38:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300; includeSubdomains
X-Amz-Cf-Pop: DFW3-C1
Age: 228
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 17 Nov 2022 15:05:16 GMT
Server: nginx
ETag: "63764dac-367"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: LWfy2FfEi2ZtlA-I5s7kYZRPm5MqV4W-F6U8t8L2xaTF9u8dIrU2gg==

GET
H/1.1 200
OK embed.js Show response
9to5maccom.disqus.com/ 78 KB
26 KB 206ms
173ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5maccom.disqus.com/embed.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

34f1c145f84b4de1df562f9dd8906a0d8acf2ec67ce25e258f85e10dd0def9e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 04:38:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=300; includeSubdomains
Server: openresty
Age: 0
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25680

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 141ms
28ms Image
image/gif 63.34.81.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1669610301617&plid=31343379&idsite=9to5mac.com&url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&sref=&sts=1669610301613&slts=0&title=US+version+of+Pegasus+spyware+bought+and+tested+by+the+FBI+-+9to5Mac&date=Mon+Nov+28+2022+04%3A38%3A21+GMT%2B0000+(GMT)&action=pageview&pvid=75714111&u=pid%3D1d6f0ea6927d2baddcc282a240d4bbf1
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 04:38:21 GMT
Cache-Control: no-cache
Last-Modified: Monday, 28-Nov-2022 04:38:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 vglnk.js Show response
cdn.viglink.com/api/ 81 KB
28 KB 70ms
8ms Script
text/javascript 143.204.215.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viglink.com/api/vglnk.js
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-42.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 00:22:48 GMT
content-encoding: gzip
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 447334
etag: "072eaf64a771815874455704fca9301b"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 28567
x-amz-cf-id: Am5Vh0UJj7fC6_qnAWoMRnRoOTVkUXy_icOIH_PeldEfI9VahwFIUA==

GET
H2 200 apple-iphone-xs-max.jpg
9to5mac.com/wp-content/uploads/sites/6/2019/02/ 3 KB
3 KB 14ms
12ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9to5mac.com/wp-content/uploads/sites/6/2019/02/apple-iphone-xs-max.jpg?quality=82&strip=all&w=290&h=145&crop=1

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

710e47a70d74095da5e70e8acb621a070ba668809cb3624e40e6b4c6103c2cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
strict-transport-security: max-age=31536000
x-rq: hhn2 109 30 443
last-modified: Wed, 23 Nov 2022 14:03:07 GMT
server: nginx
etag: "e00ba2ae1ec936b1"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2818
expires: Thu, 23 Nov 2023 14:03:07 GMT

GET
H2 200 iosprivacy.jpg
9to5mac.com/wp-content/uploads/sites/6/2015/07/ 3 KB
3 KB 14ms
13ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9to5mac.com/wp-content/uploads/sites/6/2015/07/iosprivacy.jpg?quality=82&strip=all&w=290&h=145&crop=1

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5bc42315677c2770b0f898da48d2a4cd35aeaf1d38659fd93abe1ee1611d8481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
strict-transport-security: max-age=31536000
x-rq: hhn2 109 86 443
last-modified: Wed, 23 Nov 2022 15:31:52 GMT
server: nginx
etag: "389544cd168beb7d"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3174
expires: Thu, 23 Nov 2023 15:31:52 GMT

GET
H2 200 ecf44b2f82be1cf21f8195025f24b89b
secure.gravatar.com/avatar/ 5 KB
5 KB 46ms
7ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/ecf44b2f82be1cf21f8195025f24b89b?s=128&d=mm&r=r
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f967f046fa64a3078439c0062934126f61d930323ffce8f4f9b630d3dfd4a62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 28 Nov 2022 04:38:21 GMT
last-modified: Mon, 03 Aug 2020 12:49:10 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="ecf44b2f82be1cf21f8195025f24b89b.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/ecf44b2f82be1cf21f8195025f24b89b?s=128&d=mm&r=r>; rel="canonical"
content-length: 5095
expires: Mon, 28 Nov 2022 04:43:21 GMT

GET
H2 200 default-9to5mac-guide.jpg
i0.wp.com/9to5mac.com/wp-content/themes/9to5-2015/images/ 2 KB
2 KB 15ms
14ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/9to5mac.com/wp-content/themes/9to5-2015/images/default-9to5mac-guide.jpg?resize=300%2C175&quality=82&strip=all&ssl=1

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

8a88ee757d12bf1d417693d6603ed611a28fd3a1e62ecea097efbef7da66f524

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Mon, 28 Nov 2022 04:38:21 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Nov 2022 21:13:31 GMT
server: nginx
etag: "13dba20696d1b8cd"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://9to5mac.com/wp-content/themes/9to5-2015/images/default-9to5mac-guide.jpg>; rel="canonical"
content-length: 2138
expires: Tue, 05 Nov 2024 09:13:31 GMT

GET
H2 200 81ZXKUvoyuL._AC_SL1500_.jpg
i0.wp.com/m.media-amazon.com/images/I/ 10 KB
11 KB 16ms
15ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/m.media-amazon.com/images/I/81ZXKUvoyuL._AC_SL1500_.jpg?resize=300%2C175&quality=82&strip=all&ssl=1

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

cc030adabd4fa29e51fa09d90dac1075a62bbc57183f1f35475b78a99a8db1dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Mon, 28 Nov 2022 04:38:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Sep 2022 14:41:42 GMT
server: nginx
etag: "1f5cf018a6d96a0d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://m.media-amazon.com/images/I/81ZXKUvoyuL._AC_SL1500_.jpg>; rel="canonical"
content-length: 10644
expires: Sun, 01 Sep 2024 02:41:42 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 28ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=146091842&post=784062&tz=-8&srv=9to5mac.com&hp=vip&j=1%3A11.5.1&host=9to5mac.com&ref=&fcp=780&rand=0.4495917195605559
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 28 Nov 2022 04:38:21 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 cybermonday-2.jpg
9to5mac.com/wp-content/uploads/sites/6/2022/11/ 57 KB
57 KB 8ms
7ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9to5mac.com/wp-content/uploads/sites/6/2022/11/cybermonday-2.jpg?quality=82&strip=all&w=1280

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b1c32c7964c0e37873b3e92963ada17ab49f3a4d53329a0235cedd4d0c6afc23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
strict-transport-security: max-age=31536000
x-rq: hhn2 109 27 443
last-modified: Sat, 26 Nov 2022 13:37:44 GMT
server: nginx
etag: "87f0626f87221c80"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 58086
expires: Sun, 26 Nov 2023 13:37:44 GMT

GET
H2 200 apple-shopping-event.jpg
9to5mac.com/wp-content/uploads/sites/6/2022/11/ 22 KB
22 KB 8ms
7ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9to5mac.com/wp-content/uploads/sites/6/2022/11/apple-shopping-event.jpg?quality=82&strip=all&w=1280

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4b4363a8c3d40f6eeab66f1afc7aafb0335cfbf44ba6a24648db49bbe66e6144

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
strict-transport-security: max-age=31536000
x-rq: hhn2 109 83 443
last-modified: Thu, 17 Nov 2022 12:37:45 GMT
server: nginx
etag: "98891484133b5692"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 22686
expires: Fri, 17 Nov 2023 12:37:45 GMT

GET
H2 200 how-to-charge-apple-pencil.jpeg
9to5mac.com/wp-content/uploads/sites/6/2022/08/ 49 KB
49 KB 9ms
8ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9to5mac.com/wp-content/uploads/sites/6/2022/08/how-to-charge-apple-pencil.jpeg?quality=82&strip=all&w=1280

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

46eb3539529b6b215b75da8fe55ac247a1ab47d3f84ae1a27dd12b6d5fdbec1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
strict-transport-security: max-age=31536000
x-rq: hhn2 109 142 443
last-modified: Thu, 24 Nov 2022 05:34:48 GMT
server: nginx
etag: "edbb18acffcb4c12"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 49886
expires: Fri, 24 Nov 2023 05:34:48 GMT

GET
H2 200 apple-arcade-spongebob-solitairepants.jpg
9to5mac.com/wp-content/uploads/sites/6/2022/11/ 30 KB
30 KB 9ms
8ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9to5mac.com/wp-content/uploads/sites/6/2022/11/apple-arcade-spongebob-solitairepants.jpg?quality=82&strip=all&w=1280

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

eb616d9de902dde2d730bad73bcc366c829be77728dbbc56ad688eaf272380d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
strict-transport-security: max-age=31536000
x-rq: hhn2 109 88 443
last-modified: Fri, 25 Nov 2022 14:22:49 GMT
server: nginx
etag: "dcb1e0230dd95377"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 30778
expires: Sat, 25 Nov 2023 14:22:49 GMT

OPTIONS v1
dmx.districtm.io/b/ Frame 0
0

POST
H2 204 / Show response
prebid.a-mo.net/a/c/ 0
274 B 132ms
94ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c/
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/wp-content/themes/9to5-2015/assets/js/vendor/prebid1.20.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9to5mac.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://9to5mac.com
date: Mon, 28 Nov 2022 04:38:20 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 80
server: envoy
vary: origin, Accept-Encoding

GET
H2 200 arj Show response
nineto5mac-d.openx.net/w/1.0/ 73 B
375 B 162ms
69ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://nineto5mac-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&dddid=cd757044-5554-4727-85d9-62b184427de6&nocache=1669610301725&aus=970x250%2C970x90%2C300x250%2C728x90&bc=hb_pb_2.1.3&divIds=%252F1049447%252F9to5mac-300x250-TopSidebarMain-R&auid=538487355&
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/wp-content/themes/9to5-2015/assets/js/vendor/prebid1.20.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 876bfa3757fa1284033751b480be6f5a014d9587431448f02943c07201e62ec5

Request headers

Referer: https://9to5mac.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 04:38:21 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://9to5mac.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
709 B 61ms
15ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/wp-content/themes/9to5-2015/assets/js/vendor/prebid1.20.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://9to5mac.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 04:38:21 GMT
AN-X-Request-Uuid: 3ceeeecf-4e2c-4694-8948-9b31f77cb736
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://9to5mac.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
643 B 81ms
20ms XHR
application/json 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_1.20.0
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/wp-content/themes/9to5-2015/assets/js/vendor/prebid1.20.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 8c5fa2b9ec22342d8d82f49a68e465f84abdf68da3dbb790d15ad81303f977c6

Request headers

Referer: https://9to5mac.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 28 Nov 2022 04:38:21 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://9to5mac.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST v1
dmx.districtm.io/b/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 50 B
740 B 58ms
14ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/wp-content/themes/9to5-2015/assets/js/vendor/prebid1.20.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://9to5mac.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 04:38:21 GMT
AN-X-Request-Uuid: 9fc4ecdf-faea-469a-b768-6b18f7d0a2bf
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://9to5mac.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 214ms
141ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: 9to5mac-com.videoplayerhub.com
URL: https://9to5mac-com.videoplayerhub.com/gallery.js?ver=6.1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 216ms
143ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=MYIWw9vo&w=5726439195279360&o=5740908856213504&cv=2.1.0&r=false&vr=1600x1200&pageURL=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&upapi=true
Requested by: Host: 9to5mac-com.videoplayerhub.com
URL: https://9to5mac-com.videoplayerhub.com/gallery.js?ver=6.1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 28 Nov 2022 04:38:21 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H/1.1 200
OK count-data.js Show response
9to5maccom.disqus.com/ 278 B
861 B 97ms
96ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5maccom.disqus.com/count-data.js?1=784062%20https%3A%2F%2F9to5mac.com%2F%3Fp%3D784062

Requested by

Host: 9to5maccom.disqus.com
URL: https://9to5maccom.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3faed0c129699bd6194b26b18305d3d7dac9de24f42d67478b6e5301b58b65fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 04:38:21 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 134
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 278
X-XSS-Protection: 1; mode=block

GET
H2 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
130 KB 160ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 21:49:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24517
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Nov 2023 21:49:44 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 250 B
758 B 169ms
48ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=9to5mac.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a7c8566662967d066c0faf5c095f2599840173f1c4ea6fce45ef03a1877b294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123
x-xss-protection: 0
expires: Mon, 28 Nov 2022 04:38:21 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 355 KB
117 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2445248216782983&plah=9to5mac.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aead9e7fa3c7aafc40d641ddf77f2398689da4579ff2569ebb16d6e7ba43c4a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119607
x-xss-protection: 0
server: cafe
etag: 14711636192095985952
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 04:38:21 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 14FD 10 KB
5 KB 136ms
41ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9to5mac.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 10:42:07 GMT
etag: 10353107486223812946
expires: Sun, 11 Dec 2022 10:42:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 138ms
40ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M48W9J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 03:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4947
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 28 Nov 2022 05:15:54 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 74ms
9ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M48W9J
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
content-encoding: gzip
etag: "nAbmxtqHqaYrwBiADJAeFg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 05 Dec 2022 04:38:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
74 KB 62ms
55ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J70SYZBTQ7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5T6XC3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1cadfa9c7248977a33b70cfbed2a03067cc7b762cfcdabbc7d9d0a3fcad833d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75960
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Nov 2022 04:38:21 GMT

GET
H2 200 loader.js Show response
contributor.google.com/scripts/16178437623bc61c/ 0
1 KB 197ms
61ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/16178437623bc61c/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M48W9J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorContributorHttp/cspreport, script-src 'report-sample' 'nonce-IyPhKl9jCLifKOwFFk6V5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorContributorHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorContributorHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorContributorHttp/cspreport, script-src 'report-sample' 'nonce-IyPhKl9jCLifKOwFFk6V5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorContributorHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorContributorHttp/cspreport/allowlist
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorContributorHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorContributorHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorContributorHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: private, max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 28 Nov 2022 04:38:22 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 39ms
8ms Image
text/plain 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=20278522&ns__t=1669610301871&ns_c=UTF-8&c8=US%20version%20of%20Pegasus%20spyware%20bought%20and%20tested%20by%20the%20FBI%20-%209to5Mac&c7=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&c9=
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:21 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: ZwUL91Ch8UmzmH7rRhf1hgOjhJzcv60qD8rcdhxFH58B8SXBFdb-kg==
x-cache: Miss from cloudfront

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 306 B
750 B 137ms
36ms XHR
text/javascript 34.246.116.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.116.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-116-247.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 5a1ebd3744235569a13687de1e99a1bd43618fea41b5da60ea8adecf28669bdd

Request headers

Referer: https://9to5mac.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 04:38:21 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://9to5mac.com
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 306
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 lounge.47e4fd006c53c48067dd9a5876181d2d.css
c.disquscdn.com/next/embed/styles/ 0
31 KB 59ms
8ms Other
text/css 2600:9000:2057:e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.47e4fd006c53c48067dd9a5876181d2d.css

Requested by

Host: 9to5maccom.disqus.com
URL: https://9to5maccom.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 23 Nov 2022 21:19:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 371904
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 30650
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 23 Nov 2022 20:32:34 GMT
server: nginx
etag: "637e8362-77ba"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: okKWnoSNfZ-uK3wjkcNFd0Yc5N7fd_PXSZqouDTJdn6A3gfLJ5Fasg==
expires: Thu, 23 Nov 2023 21:19:57 GMT

GET
H2 200 common.bundle.a0092a9b6d9c06bf965e6c41a81f2c09.js
c.disquscdn.com/next/embed/ 0
93 KB 65ms
14ms Other
application/javascript 2600:9000:2057:e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.a0092a9b6d9c06bf965e6c41a81f2c09.js

Requested by

Host: 9to5maccom.disqus.com
URL: https://9to5maccom.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 14 Nov 2022 23:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1142061
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94854
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Mon, 14 Nov 2022 23:10:44 GMT
server: nginx
etag: "6372caf4-17286"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: d4ChLgI76eblfiqktNWvhSVQ6Oal9OK4lz2b9snKMmZRjs2nmpg5yw==
expires: Tue, 14 Nov 2023 23:24:00 GMT

GET
H2 200 lounge.bundle.0134c2cc2b1c0a38a997a53bcb09f779.js
c.disquscdn.com/next/embed/ 0
126 KB 75ms
25ms Other
application/javascript 2600:9000:2057:e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.0134c2cc2b1c0a38a997a53bcb09f779.js

Requested by

Host: 9to5maccom.disqus.com
URL: https://9to5maccom.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 23 Nov 2022 21:19:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 371904
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 128551
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 23 Nov 2022 20:32:34 GMT
server: nginx
etag: "637e8362-1f627"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: jX6fzTE9O0a_-858TjpxKXVZF8s5OucWe2wrkn8mm1PUqHlgbasT_w==
expires: Thu, 23 Nov 2023 21:19:57 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
17 KB 38ms
7ms Other
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: 9to5maccom.disqus.com
URL: https://9to5maccom.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 04:38:21 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 60
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 16810
X-XSS-Protection: 1; mode=block

GET
H2 200 rules-p-18TTuBOnUhD7c.js Show response
rules.quantcount.com/ 160 B
633 B 54ms
11ms Script
application/javascript 2600:9000:223c:b800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-18TTuBOnUhD7c.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:b800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d99c54706e25070dbe3551052474c0ea16b30bc5ed0cd908ae0cbbf903723706

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:15:42 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1412
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:17:51 GMT
server: AmazonS3
etag: "5bf9ece14f1402b9d9ef75c1c1280a16"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: wqQfCkByrZCNeF5XHFTPacoWrPwNOHoalFQTzN4J5BE1q2QcEWXkxg==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
466 B 96ms
46ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=9to5mac.com&callback=_gfp_s_&client=ca-pub-2445248216782983&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2445248216782983&plah=9to5mac.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8471dc315d0e39f671ae55d2b85ae658ab38d7ee9eac6839bd07eb6243a0da0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 153ms
49ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=9to5mac.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 145ms
49ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=9to5mac.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 78ms
76ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&tn=HEADER&id=js-site-header&cls=site-header%20js-header-normal&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 04:38:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD55 7 KB
938 B 190ms
113ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2445248216782983&output=html&adk=1812271804&adf=3025194257&lmt=1669610302&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669610301823&bpp=4&bdt=532&idt=163&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=47243702042&frm=20&pv=2&ga_vid=2015005901.1669610302&ga_sid=1669610302&ga_hid=130576104&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770880%2C31070950&oid=2&pvsid=2755455747985498&tmod=1289237708&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=188

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e839334d0e108c9d68da2108e439b261d77a141849de189bf5fbf9495a604e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9to5mac.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 915
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 04:38:22 GMT
expires: Mon, 28 Nov 2022 04:38:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EAF4 64 KB
21 KB 805ms
749ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2445248216782983&output=html&h=280&adk=466652548&adf=938554&w=336&fwrn=4&fwrnh=100&lmt=1669610302&rafmt=1&format=336x280&url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669610301827&bpp=3&bdt=537&idt=198&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=47243702042&frm=20&pv=1&ga_vid=2015005901.1669610302&ga_sid=1669610302&ga_hid=130576104&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770880%2C31070950&oid=2&pvsid=2755455747985498&tmod=1289237708&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=omd4cX6zW1&p=https%3A//9to5mac.com&dtd=205

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47f42fff67620f64a31667e6cc4151247a20660561d01065a852699f57877311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9to5mac.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 21291
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 04:38:22 GMT
expires: Mon, 28 Nov 2022 04:38:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
344 B 125ms
40ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-J70SYZBTQ7&gtm=2oeb90&_p=130576104&cid=2015005901.1669610302&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669610302&sct=1&seg=0&dl=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&dt=US%20version%20of%20Pegasus%20spyware%20bought%20and%20tested%20by%20the%20FBI%20-%209to5Mac&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J70SYZBTQ7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 04:38:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://9to5mac.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/4eb6b35d/ Frame BC8E 359 KB
49 KB 125ms
40ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HvuVDebeKGE?playlist=VB3qb9g_Fqw,byBL1CxTTjc,gUDMQ7vzoGI,cO1qG7b8um0,tWpOeB5ViZQ,7KVvy-AmMVU,0bjvZqNLPgk,nqQkvkTZeWw,sVDs-ZdAz9g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b47e5ab37362998b55b8d8eddca591867a23f45f2d8169f07e0d908463cd375c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/HvuVDebeKGE?playlist=VB3qb9g_Fqw,byBL1CxTTjc,gUDMQ7vzoGI,cO1qG7b8um0,tWpOeB5ViZQ,7KVvy-AmMVU,0bjvZqNLPgk,nqQkvkTZeWw,sVDs-ZdAz9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 03:47:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3034
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49788
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Nov 2023 03:47:48 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4eb6b35d/www-embed-player.vflset/ Frame BC8E 312 KB
97 KB 166ms
81ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HvuVDebeKGE?playlist=VB3qb9g_Fqw,byBL1CxTTjc,gUDMQ7vzoGI,cO1qG7b8um0,tWpOeB5ViZQ,7KVvy-AmMVU,0bjvZqNLPgk,nqQkvkTZeWw,sVDs-ZdAz9g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2995690e9dfac900bebef6d09af2b89ddaa8a699ad19a0339d2938171b2d1ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/HvuVDebeKGE?playlist=VB3qb9g_Fqw,byBL1CxTTjc,gUDMQ7vzoGI,cO1qG7b8um0,tWpOeB5ViZQ,7KVvy-AmMVU,0bjvZqNLPgk,nqQkvkTZeWw,sVDs-ZdAz9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 15:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 564352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99035
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Nov 2023 15:52:30 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/ Frame BC8E 2 MB
580 KB 183ms
98ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HvuVDebeKGE?playlist=VB3qb9g_Fqw,byBL1CxTTjc,gUDMQ7vzoGI,cO1qG7b8um0,tWpOeB5ViZQ,7KVvy-AmMVU,0bjvZqNLPgk,nqQkvkTZeWw,sVDs-ZdAz9g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd95ed1dc6e84cac53ee409bfe80e6a985e0efbba98dcba010a5bf2b76fdd2f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/HvuVDebeKGE?playlist=VB3qb9g_Fqw,byBL1CxTTjc,gUDMQ7vzoGI,cO1qG7b8um0,tWpOeB5ViZQ,7KVvy-AmMVU,0bjvZqNLPgk,nqQkvkTZeWw,sVDs-ZdAz9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 15:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 564342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 593364
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Nov 2023 15:52:40 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4eb6b35d/fetch-polyfill.vflset/ Frame BC8E 9 KB
3 KB 180ms
95ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HvuVDebeKGE?playlist=VB3qb9g_Fqw,byBL1CxTTjc,gUDMQ7vzoGI,cO1qG7b8um0,tWpOeB5ViZQ,7KVvy-AmMVU,0bjvZqNLPgk,nqQkvkTZeWw,sVDs-ZdAz9g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/HvuVDebeKGE?playlist=VB3qb9g_Fqw,byBL1CxTTjc,gUDMQ7vzoGI,cO1qG7b8um0,tWpOeB5ViZQ,7KVvy-AmMVU,0bjvZqNLPgk,nqQkvkTZeWw,sVDs-ZdAz9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 05:02:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 27 Nov 2023 05:02:01 GMT

GET
H/1.1 200
OK sync.js Show response
api.viglink.com/api/ 43 B
390 B 30ms
30ms Script
image/gif 34.246.116.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/sync.js?key=c1c7d488bb2df8a8b659d5d41634d304
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.116.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-116-247.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 04:38:21 GMT
Server: Apache-Coyote/1.1
Content-Type: image/gif;charset=UTF-8
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
api.viglink.com/api/ 43 B
390 B 45ms
29ms Image
image/gif 34.246.116.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.viglink.com/api/sync.gif?key=c1c7d488bb2df8a8b659d5d41634d304
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.116.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-116-247.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 04:38:21 GMT
Server: Apache-Coyote/1.1
Content-Type: image/gif;charset=UTF-8
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 5621 21 KB
6 KB 174ms
174ms Document
text/html 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=9to5maccom&t_i=784062%20https%3A%2F%2F9to5mac.com%2F%3Fp%3D784062&t_u=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&t_e=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&t_d=US%20version%20of%20Pegasus%20spyware%20bought%20and%20tested%20by%20the%20FBI%20-%209to5Mac&t_t=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&s_o=default

Requested by

Host: 9to5maccom.disqus.com
URL: https://9to5maccom.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4faddca038ae675c1f5d2b56a33d014ca00c52fb03a8e94bb67e8b0527b94913

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9to5mac.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5112
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 28 Nov 2022 04:38:22 GMT
ETag: W/"lounge:view:8993356804.23dd5bf25eb806137baab792747ee938.2"
Last-Modified: Wed, 23 Nov 2022 04:16:46 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/taboola/ 27 KB
9 KB 196ms
134ms XHR
text/html 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=9to5maccom&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23316ea4&colorScheme=light&sourceUrl=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&disqus_version=current
Requested by: Host: 9to5maccom.disqus.com
URL: https://9to5maccom.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 4a5ae3078cab372da6ae6921c496416e27226b65572165603f029ae4dfbf5e34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 04:38:22 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding,
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 9102

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/taboola/ 27 KB
9 KB 182ms
131ms XHR
text/html 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=9to5maccom&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23316ea4&colorScheme=light&sourceUrl=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&disqus_version=current
Requested by: Host: 9to5maccom.disqus.com
URL: https://9to5maccom.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 8527e38c62e1e1e7ca60a5588a8a74ef66459bc12ad63ecef990edd35d6355ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 04:38:22 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding,
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 9104

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 142ms
105ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=8t154f32om2g9t&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=9to5maccom&zone=thread&version=58bc6c863668afd714b59e604f38eefb&page_url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=1419200

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 04:38:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 142ms
105ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=8t154f32om2g9t&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=9to5maccom&zone=thread&version=58bc6c863668afd714b59e604f38eefb&page_url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=1419200

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 04:38:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BC8E 15 KB
15 KB 129ms
41ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HvuVDebeKGE?playlist=VB3qb9g_Fqw,byBL1CxTTjc,gUDMQ7vzoGI,cO1qG7b8um0,tWpOeB5ViZQ,7KVvy-AmMVU,0bjvZqNLPgk,nqQkvkTZeWw,sVDs-ZdAz9g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:21:27 GMT
x-content-type-options: nosniff
age: 465415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 19:21:27 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BC8E 15 KB
15 KB 130ms
43ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HvuVDebeKGE?playlist=VB3qb9g_Fqw,byBL1CxTTjc,gUDMQ7vzoGI,cO1qG7b8um0,tWpOeB5ViZQ,7KVvy-AmMVU,0bjvZqNLPgk,nqQkvkTZeWw,sVDs-ZdAz9g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 466714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Nov 2023 18:59:48 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 106 B
550 B 35ms
30ms XHR
text/javascript 34.246.116.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.116.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-116-247.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 97adbdf3f7638eb423844ad954304ea74e5a6f8181d661c506c8f916f28914e8

Request headers

Referer: https://9to5mac.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 28 Nov 2022 04:38:21 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://9to5mac.com
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 106
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
529 B 158ms
47ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://9to5mac.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Nov 2022 04:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://9to5mac.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 529 B
300 B 156ms
75ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2755455747985498&correlator=1720372730516734&eid=31070950&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=1049447%2C9to5mac_Signal_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&adks=1007501201&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1669610302271&lmt=1669610302&dlt=1669610301290&idt=944&adxs=0&adys=385&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&frm=20&vis=1&psz=1600x270&msz=0x-1&fws=4&ohw=1600&ga_vid=2015005901.1669610302&ga_sid=1669610302&ga_hid=130576104&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2aa5622bdc7932f26223cce75ec9cacaf737827e9ca5dcfa4eb2790021df9e71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 269
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://9to5mac.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
38e7dc5ccb2953c81d671a2cfae4782c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 94D3 6 KB
3 KB 179ms
48ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://38e7dc5ccb2953c81d671a2cfae4782c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9to5mac.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 04:38:22 GMT
expires: Tue, 28 Nov 2023 04:38:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel;r=1440801982;source=gtm;rf=0;a=p-18TTuBOnUhD7c;url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F;uht=2;fpan=1;fpa=P0-2115403895-1669610301963;pbc=;ns=0;ce=1;qjs=1;...
pixel.quantserve.com/ 35 B
371 B 26ms
9ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1440801982;source=gtm;rf=0;a=p-18TTuBOnUhD7c;url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F;uht=2;fpan=1;fpa=P0-2115403895-1669610301963;pbc=;ns=0;ce=1;qjs=1;qv=48c6ea86-20221121114006;cm=;gdpr=0;ref=;d=9to5mac.com;dst=0;et=1669610302285;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%252C%20but%20neve%2Cdescription.A%20special%20US%20version%20of%20Pegasus%20smartphone%20spyware%20was%20created%20by%20NSO%252C%20and%20purch%2Curl.https%3A%2F%2F9to5mac%252Ecom%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F%2Csite_name.9to5Mac%2Cimage.https%3A%2F%2Fi0%252Ewp%252Ecom%2F9to5mac%252Ecom%2Fwp-content%2Fuploads%2Fsites%2F6%2F2022%2F01%2FUS-version-of-P%2Cimage%3Awidth.3000%2Cimage%3Aheight.1500%2Cimage%3Atype.image%2Fjpeg;ses=c6036ff8-88d3-421a-b878-9db3db2ef03b

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 04:38:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 AGSKWxWRVgQCrTV_0WPnzTWF3pp4HU_BShilvG1NAl0BI-0eVz8C-Hc_nhshMHlZ1UFSL_20vwgW_meSnZ-_43iw Show response
fundingchoicesmessages.google.com/f/ 18 KB
8 KB 69ms
68ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWRVgQCrTV_0WPnzTWF3pp4HU_BShilvG1NAl0BI-0eVz8C-Hc_nhshMHlZ1UFSL_20vwgW_meSnZ-_43iw

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3147244e402afe8b4aae6b0fd084ae90551a150fb3d5b18f081805765e479197

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1BbZ2iWZuMYRq_ZEEnhpPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1BbZ2iWZuMYRq_ZEEnhpPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/ Frame D9C5 282 KB
57 KB 38ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 72df2525cbf95018eb83447b72cee293689e8ac2ef07cf99b81804e499fb8139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: jgrdkNvC0bCiuvi1aPb2iVe466bPFoCn
content-encoding: gzip
via: 1.1 varnish
date: Mon, 28 Nov 2022 04:38:22 GMT
x-amz-request-id: RA30EVJKXD4YH8TH
age: 7371
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 6
content-length: 58239
x-amz-id-2: /Xd49B+Dwur4iF09D5O6rIIhrgG52Xt5iocBdXlL8SoSgJgEsM6i5bgS/yMaS2wqdmIIZuofYbc=
x-served-by: cache-hhn4064-HHN
last-modified: Sun, 27 Nov 2022 14:23:58 UTC
server: nginx
x-timer: S1669610302.380241,VS0,VE1
etag: "d3b1d2ec8eeded806f23f0cb7e97c715114b0768"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 11
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/ Frame D241 282 KB
57 KB 25ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 72df2525cbf95018eb83447b72cee293689e8ac2ef07cf99b81804e499fb8139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: jgrdkNvC0bCiuvi1aPb2iVe466bPFoCn
content-encoding: gzip
via: 1.1 varnish
date: Mon, 28 Nov 2022 04:38:22 GMT
x-amz-request-id: RA30EVJKXD4YH8TH
age: 7371
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 6
content-length: 58239
x-amz-id-2: /Xd49B+Dwur4iF09D5O6rIIhrgG52Xt5iocBdXlL8SoSgJgEsM6i5bgS/yMaS2wqdmIIZuofYbc=
x-served-by: cache-hhn4064-HHN
last-modified: Sun, 27 Nov 2022 14:23:58 UTC
server: nginx
x-timer: S1669610302.380335,VS0,VE1
etag: "d3b1d2ec8eeded806f23f0cb7e97c715114b0768"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 11
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 lounge.load.58bc6c863668afd714b59e604f38eefb.js Show response
c.disquscdn.com/next/embed/ Frame 5621 958 B
1 KB 24ms
7ms Script
application/javascript 2600:9000:2057:e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.58bc6c863668afd714b59e604f38eefb.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=9to5maccom&t_i=784062%20https%3A%2F%2F9to5mac.com%2F%3Fp%3D784062&t_u=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&t_e=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&t_d=US%20version%20of%20Pegasus%20spyware%20bought%20and%20tested%20by%20the%20FBI%20-%209to5Mac&t_t=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b51a795671380c9b4dc816b657dd48c2653b1d9f99944984cf85306f195dbb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=9to5maccom&t_i=784062%20https%3A%2F%2F9to5mac.com%2F%3Fp%3D784062&t_u=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&t_e=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&t_d=US%20version%20of%20Pegasus%20spyware%20bought%20and%20tested%20by%20the%20FBI%20-%209to5Mac&t_t=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&s_o=default
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 23 Nov 2022 21:19:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 371904
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 495
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 23 Nov 2022 20:32:34 GMT
server: nginx
etag: "637e8362-1ef"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: TEaPiaqhh0X8nCKzhnMMCEWj0s5ThPVgNz8RHnnwJM5djroEKCM41A==
expires: Thu, 23 Nov 2023 21:19:58 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
458 B 181ms
48ms XHR
application/json 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://9to5mac.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Nov 2022 04:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://9to5mac.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 138ms
54ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=9to5mac.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 135ms
58ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=9to5mac.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E153 135 KB
44 KB 649ms
648ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2445248216782983&output=html&h=280&adk=3246872700&adf=2913659956&pi=t.aa~a.2541912099~i.23~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1669610302&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3052664160&ad_type=text_image&format=750x280&url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669610302400&bpp=2&bdt=1110&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9ad828b4d41e20c-22bb1aaca2d7006d%3AT%3D1669610302%3ART%3D1669610302%3AS%3DALNI_MbOy6QidpBlPnM1YpmLB0Vkbt_eeg&gpic=UID%3D00000b89384f255c%3AT%3D1669610302%3ART%3D1669610302%3AS%3DALNI_MYELYBknU-K_PN5sqRvCj-7_ilClQ&prev_fmts=0x0%2C336x280&nras=2&correlator=47243702042&frm=20&pv=1&ga_vid=2015005901.1669610302&ga_sid=1669610302&ga_hid=130576104&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2533&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770880%2C31070950&oid=2&pvsid=2755455747985498&tmod=1289237708&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=JTW0cDYYxb&p=https%3A//9to5mac.com&dtd=52

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bd1f0ef5089a56583e6f712d0ff2084236d1659e68118b62b614913a6019c09

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI---IeH0PsCFXbsEQgdg80Avw&gqi=PjuEY4HXHJG_9u8PuZmlsAs&layout=/sadbundle/%24csp%253Der3%24/9429700965190154635/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9to5mac.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 45099
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI---IeH0PsCFXbsEQgdg80Avw&gqi=PjuEY4HXHJG_9u8PuZmlsAs&layout=/sadbundle/%24csp%253Der3%24/9429700965190154635/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 04:38:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 common.bundle.a0092a9b6d9c06bf965e6c41a81f2c09.js Show response
c.disquscdn.com/next/embed/ Frame 5621 282 KB
93 KB 8ms
8ms Script
application/javascript 2600:9000:2057:e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.a0092a9b6d9c06bf965e6c41a81f2c09.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.58bc6c863668afd714b59e604f38eefb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ff41638e427ea9c796df6097be56a8d87998e40e755f5f9655232ceae785181a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=9to5maccom&t_i=784062%20https%3A%2F%2F9to5mac.com%2F%3Fp%3D784062&t_u=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&t_e=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&t_d=US%20version%20of%20Pegasus%20spyware%20bought%20and%20tested%20by%20the%20FBI%20-%209to5Mac&t_t=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 14 Nov 2022 23:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1142062
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94854
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Mon, 14 Nov 2022 23:10:44 GMT
server: nginx
etag: "6372caf4-17286"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: 3p5DY-V_Jegu_nYq-cxCS-Vd67eBTkgi7wqyX4sKPb97lFnA3_-HtA==
expires: Tue, 14 Nov 2023 23:24:00 GMT

GET
H2 200 impl.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.js Show response
cdn.taboola.com/libtrc/ Frame D9C5 692 KB
144 KB 16ms
9ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 5d84e8c5853347349ceb41d356393ffcffb54de397aa23ccbad73f7970e2e20a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: arjkLLTaCClgeGv0MeeohXif.U6Svc27
content-encoding: br
via: 1.1 varnish
date: Mon, 28 Nov 2022 04:38:22 GMT
x-amz-request-id: 7VWH8E916YZKH2ZG
age: 16813
x-cache: HIT
content-length: 146762
x-amz-id-2: b7nVE5ClBK3nEdSuOEpwvfqxDX+NYk3YjQT8hdtdRrTe9rbWhcHf0QtHL6wgJ1ml2yTF7ZQkHoA=
x-served-by: cache-hhn4064-HHN
last-modified: Tue, 22 Nov 2022 15:14:33 GMT
server: AmazonS3-br
x-timer: S1669610303.565908,VS0,VE0
etag: "2fd37163cb542f6171b00d5e06882462"
vary: Accept-Encoding
content-type: application/javascript
abp: 29
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 58

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame D9C5 4 KB
2 KB 18ms
12ms Script
application/javascript 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 13:45:34 GMT
content-encoding: gzip
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 53569
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: _wZVatERC-sVGzvjfSD-6fWe1UQ3yqMooy8JebHRipyf1mPNktLJAA==

GET
H2 200 tr5
cdn.taboola.com/libtrc/ Frame D9C5 3 B
78 B 15ms
9ms Image
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=visibility_test_2_var
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-served-by: cache-hhn4064-HHN
date: Mon, 28 Nov 2022 04:38:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1669610303.566063,VS0,VE0
x-cache: HIT
content-type: text/html
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 tr5
cdn.taboola.com/libtrc/ Frame D241 3 B
59 B 31ms
10ms Image
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=visibility_test_2_var
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-served-by: cache-hhn4064-HHN
date: Mon, 28 Nov 2022 04:38:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1669610303.588627,VS0,VE0
x-cache: HIT
content-type: text/html
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 impl.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.js Show response
cdn.taboola.com/libtrc/ Frame D241 692 KB
143 KB 24ms
11ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 5d84e8c5853347349ceb41d356393ffcffb54de397aa23ccbad73f7970e2e20a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: arjkLLTaCClgeGv0MeeohXif.U6Svc27
content-encoding: br
via: 1.1 varnish
date: Mon, 28 Nov 2022 04:38:22 GMT
x-amz-request-id: 7VWH8E916YZKH2ZG
age: 16813
x-cache: HIT
content-length: 146762
x-amz-id-2: b7nVE5ClBK3nEdSuOEpwvfqxDX+NYk3YjQT8hdtdRrTe9rbWhcHf0QtHL6wgJ1ml2yTF7ZQkHoA=
x-served-by: cache-hhn4064-HHN
last-modified: Tue, 22 Nov 2022 15:14:33 GMT
server: AmazonS3-br
x-timer: S1669610303.588711,VS0,VE0
etag: "2fd37163cb542f6171b00d5e06882462"
vary: Accept-Encoding
content-type: application/javascript
abp: 29
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 59

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame D241 4 KB
2 KB 21ms
12ms Script
application/javascript 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 13:45:34 GMT
content-encoding: gzip
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 53569
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: ub8FNeLcQsqU9I1U9cRBPkBZ6SXpRkllvPv9U9ZYRBRAeJfPtHrOQw==

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame BC8E 113 B
159 B 64ms
54ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b483206df30c8cb8addb6e9444130ccd46311971a3b896e3cde1127cd146ccae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame BC8E 29 B
588 B 144ms
40ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:35:09 GMT
x-content-type-options: nosniff
age: 193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 28 Nov 2022 04:50:09 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 122ms
45ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=130576104&t=pageview&_s=1&dl=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&ul=en-us&de=UTF-8&dt=US%20version%20of%20Pegasus%20spyware%20bought%20and%20tested%20by%20the%20FBI%20-%209to5Mac&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAQCAC~&jid=739945411&gjid=623028924&cid=2015005901.1669610302&tid=UA-1493547-1&_gid=135320734.1669610303&_r=1&gtm=2wgb90M48W9J&cg1=fbi%2Ciphone%2Cnso%2Cprivacy&z=956970189

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://9to5mac.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 04:38:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://9to5mac.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 86ms
37ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=130576104&t=event&ni=1&_s=1&dl=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&ul=en-us&de=UTF-8&dt=US%20version%20of%20Pegasus%20spyware%20bought%20and%20tested%20by%20the%20FBI%20-%209to5Mac&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User&ea=Color%20Mode&el=Light&_u=YADAAEABAAQCACAAI~&jid=&gjid=&cid=2015005901.1669610302&tid=UA-1493547-1&_gid=135320734.1669610303&gtm=2wgb90M48W9J&z=1935060154

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 20:43:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28509
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 87ms
38ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=130576104&t=event&ni=1&_s=1&dl=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&ul=en-us&de=UTF-8&dt=US%20version%20of%20Pegasus%20spyware%20bought%20and%20tested%20by%20the%20FBI%20-%209to5Mac&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Content%20Category&ea=fbi%2Ciphone%2Cnso%2Cprivacy&el=%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&_u=YADAAEABAAQCACAAI~&jid=&gjid=&cid=2015005901.1669610302&tid=UA-1493547-1&_gid=135320734.1669610303&gtm=2wgb90M48W9J&z=477667967

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 20:43:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28509
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 87ms
39ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=130576104&t=event&ni=1&_s=1&dl=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&ul=en-us&de=UTF-8&dt=US%20version%20of%20Pegasus%20spyware%20bought%20and%20tested%20by%20the%20FBI%20-%209to5Mac&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Adblocker&ea=inactive&el=%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&_u=YADAAEABAAQCACAAI~&jid=&gjid=&cid=2015005901.1669610302&tid=UA-1493547-1&_gid=135320734.1669610303&gtm=2wgb90M48W9J&cd1=inactive&z=1237003445

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 20:43:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28509
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET config
c.amazon-adsystem.com/cdn/prod/ 0
0

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
459 B 77ms
44ms XHR
text/javascript 108.138.4.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&pid=bZ4WmqGnTpeYc&cb=0&ws=1600x1200&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1049447%2F9to5mac-300x250-TopSidebarMain-R%22%7D%5D&pubid=fee31bcb-d8b7-4565-8a5b-b1097e207e11&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-150.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:22 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: J8YZ12J211W6X69ZQRJZ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://9to5mac.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: p_Xy2iOkVPb2xi4yBTK38KPoANiwtBmo693cZ-tVBkwcScQa2jj5yg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 31ms
7ms XHR
application/javascript 13.32.105.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.105.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-105-95.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
content-encoding: gzip
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
date: Mon, 28 Nov 2022 03:08:38 GMT
x-amz-cf-pop: FRA60-P1
age: 5519
x-cache: Hit from cloudfront
last-modified: Fri, 18 Nov 2022 03:05:15 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: yL5dJtrvDdydJX5njF0WoBwLTnOh5fGGjV0Wo00_uMFz6j2WVNOW0w==

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 129ms
45ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 28 Nov 2022 04:38:22 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BC8E 66 KB
30 KB 130ms
53ms XHR
application/json+protobuf 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

912d088e94b69faf48d020bf5473bcbf695060e07fee92cc62d5c3370a6a788f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 28 Nov 2022 04:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31191
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame BC8E 0
19 B 49ms
48ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?cpn=ciR9EgnDT450pxRw&el=embedded&ns=yt&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24237296%2C24262732%2C24292955%2C24293803%2C24406605%2C24407200%2C24408610%2C24414162&cl=489849437&seq=1&event=streamingstats&docid=HvuVDebeKGE&cbr=Chrome&cbrver=107.0.5304.121&c=WEB_EMBEDDED_PLAYER&cver=1.20221120.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/HvuVDebeKGE?playlist=VB3qb9g_Fqw,byBL1CxTTjc,gUDMQ7vzoGI,cO1qG7b8um0,tWpOeB5ViZQ,7KVvy-AmMVU,0bjvZqNLPgk,nqQkvkTZeWw,sVDs-ZdAz9g
X-YouTube-Client-Version: 1.20221120.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtlMmswX1YtNk42NCi99pCcBg%3D%3D
X-YouTube-Ad-Signals: dt=1669610302500&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C960%2C506&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 04:38:22 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/ Frame BC8E 26 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b63ed4c3792f6acb0b70a6083ad090bbac092cfcf021106be33f5f73690363e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/HvuVDebeKGE?playlist=VB3qb9g_Fqw,byBL1CxTTjc,gUDMQ7vzoGI,cO1qG7b8um0,tWpOeB5ViZQ,7KVvy-AmMVU,0bjvZqNLPgk,nqQkvkTZeWw,sVDs-ZdAz9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 15:56:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 564122
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8297
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Nov 2023 15:56:20 GMT

GET
DATA 200
OK truncated
/ Frame BC8E 349 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1deaa03f122134171a83e1be4317c847d083806c424b5f431ff0b1c3bb651bd6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1493547-1&cid=2015005901.1669610302&jid=739945411&gjid=623028924&_gid=135320734.1669610303&_u=YADAAAAAAAQCAC~&z=284848144

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://9to5mac.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 28 Nov 2022 04:38:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://9to5mac.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EAF4 8 KB
712 B 138ms
52ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2445248216782983&output=html&h=280&adk=466652548&adf=938554&w=336&fwrn=4&fwrnh=100&lmt=1669610302&rafmt=1&format=336x280&url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669610301827&bpp=3&bdt=537&idt=198&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=47243702042&frm=20&pv=1&ga_vid=2015005901.1669610302&ga_sid=1669610302&ga_hid=130576104&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770880%2C31070950&oid=2&pvsid=2755455747985498&tmod=1289237708&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=omd4cX6zW1&p=https%3A//9to5mac.com&dtd=205

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Nov 2022 04:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 03:03:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Nov 2022 04:38:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame EAF4 2 KB
846 B 145ms
51ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 11:55:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame EAF4 23 KB
10 KB 135ms
43ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 07:15:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame EAF4 3 KB
1 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 20:39:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 20:39:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame EAF4 18 KB
7 KB 141ms
50ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 12:23:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EAF4 154 KB
47 KB 146ms
62ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 04:38:23 GMT

GET
H2 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame EAF4 34 KB
14 KB 126ms
38ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 15:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 219758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 15:35:45 GMT

GET
H2 200 json Show response
trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/ Frame D9C5 49 KB
14 KB 394ms
387ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/json?tim=04%3A38%3A22.976&lti=visibility_test_2_var&data=%7B%22id%22%3A71%2C%22ii%22%3A%22%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1669288233151%2C%22vi%22%3A1669610302974%2C%22cv%22%3A%2220221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A9408%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F%22%2C%22vpi%22%3A%22%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%22%2C%22e%22%3A%22https%3A%2F%2F9to5mac.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A960%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A17%2C%22dw%22%3A960%2C%22dh%22%3A27%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2F9to5mac.com%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22bottom%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%229to5maccom%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22orig_uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2F9to5mac.com%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22bottom%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%229to5maccom%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22cd%22%3A27%2C%22mw%22%3A0%2C%22amw%22%3A700%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22visibility_test_2_var%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d40970930db6c817dec206c7e591251703de197e4d94c7ceb7f60effa70f4e

Request headers

Referer: https://9to5mac.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 380
date: Mon, 28 Nov 2022 04:38:23 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn4064-HHN
server: nginx
x-timer: S1669610303.984067,VS0,VE380
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://9to5mac.com
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 lounge.47e4fd006c53c48067dd9a5876181d2d.css
c.disquscdn.com/next/embed/styles/ Frame 5621 201 KB
31 KB 8ms
7ms Stylesheet
text/css 2600:9000:2057:e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.47e4fd006c53c48067dd9a5876181d2d.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.a0092a9b6d9c06bf965e6c41a81f2c09.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

da8e1a89b08797ffa3c4df6796414e871f84cbe8191fb6d5f2374e88b116f0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=9to5maccom&t_i=784062%20https%3A%2F%2F9to5mac.com%2F%3Fp%3D784062&t_u=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&t_e=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&t_d=US%20version%20of%20Pegasus%20spyware%20bought%20and%20tested%20by%20the%20FBI%20-%209to5Mac&t_t=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 23 Nov 2022 21:19:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 371905
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 30650
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 23 Nov 2022 20:32:34 GMT
server: nginx
etag: "637e8362-77ba"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: EA7HZiKB6IWk0D8SBrQbqN4L2XazdYa0MepzS3hcjvqVeZUJxxTCdQ==
expires: Thu, 23 Nov 2023 21:19:57 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 55ms
54ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=9to5mac.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 54ms
53ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=9to5mac.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 261 KB
32 KB 746ms
745ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2755455747985498&correlator=1658118548683992&eid=31070950&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=1049447%2C9to5mac-728x90-TopMain-R&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x70%7C970x90%7C970x250&ifi=5&adks=3892327234&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D8e2da7e15370754c%3AT%3D1669610302%3AS%3DALNI_MajSbWqma_AgOKZn1u9cnIXwkY5HA&gpic=UID%3D00000b8938466e46%3AT%3D1669610302%3ART%3D1669610302%3AS%3DALNI_MaxxkcaBgwz0vWAItqPHXsehsf6XQ&abxe=1&dt=1669610303005&lmt=1669610303&dlt=1669610301290&idt=944&adxs=436&adys=250&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&frm=20&vis=1&psz=1600x270&msz=1600x250&fws=4&ohw=1600&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=2015005901.1669610302&ga_sid=1669610302&ga_hid=130576104&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdfcad537954cef5f6f28df06ecf68ab0e1914d74950e5cd1f8595d0e97ba3a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33024
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://9to5mac.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
10 KB 389ms
388ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2755455747985498&correlator=1658118548683992&eid=31070950&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=1049447%2C9to5mac-300x250-TopSidebarMain-R&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C728x90%7C970x90%7C970x250&ifi=6&adks=1248027316&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie=ID%3D8e2da7e15370754c%3AT%3D1669610302%3AS%3DALNI_MajSbWqma_AgOKZn1u9cnIXwkY5HA&gpic=UID%3D00000b8938466e46%3AT%3D1669610302%3ART%3D1669610302%3AS%3DALNI_MaxxkcaBgwz0vWAItqPHXsehsf6XQ&abxe=1&dt=1669610303008&lmt=1669610303&dlt=1669610301290&idt=944&adxs=650&adys=4456&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&frm=20&vis=1&psz=1600x270&msz=1600x20&fws=4&ohw=1600&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=2015005901.1669610302&ga_sid=1669610302&ga_hid=130576104&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cf0b0d4b66dafe8eec123936408cdcce3cf8f4d98304465e0cf1ad80c0ed21b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10589
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://9to5mac.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EAF4 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEgP5PjuEY7TjBpyjx_AP5OiGaIODo7dtusXx68wPzc_b_uogEAEgrJXiFGCV4pCCoAegAZKZq_wCyAEBqAMBqgTwAU_Q4uXh6824FoM0hxmocHNk-RnNuKoR5zJGZDfNY_dvo2IaZcLEa_d6Z_23p1a76w7FUBphtjkqqj6XvcFVH5OKE81Rsm5pRBPFI-v6puwU1Z_HFa2quSwtMz3BFicadnhkiumlIiG4yp67lAZGwG1OSF9qkJ8VvTYiEJYIdy90t9BlARwQ7Ucyq4MX3xZFna3YQzdpIuqnaBGlOPwQlerYIi-1at60eX8dUrojfLg38cMEzuuX7NGH2w8s7baToddUWdGS_kDSE1EDfelw2m3Owiq5DSK10MKILi_hv2Q8PBvhK5takkek3zELb2rWLsAEptCD8rEDkgUECAQYAZIFBAgFGASAB9bm1IMBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQhIa4AdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTI0NDUyNDgyMTY3ODI5ODMYAA&sigh=UG_O4t0gXuc&uach_m=[UACH]&cid=CAQSGwDq26N9QF_LC7m1wSu7YA4NFr2MQ46EmLvmuBgBIBM&template_id=5028

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2445248216782983&output=html&h=280&adk=466652548&adf=938554&w=336&fwrn=4&fwrnh=100&lmt=1669610302&rafmt=1&format=336x280&url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669610301827&bpp=3&bdt=537&idt=198&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=47243702042&frm=20&pv=1&ga_vid=2015005901.1669610302&ga_sid=1669610302&ga_hid=130576104&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770880%2C31070950&oid=2&pvsid=2755455747985498&tmod=1289237708&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=omd4cX6zW1&p=https%3A//9to5mac.com&dtd=205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 28 Nov 2022 04:38:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 159ms
52ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1493547-1&cid=2015005901.1669610302&jid=739945411&_u=YADAAAAAAAQCAC~&z=1672087980

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 04:38:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 157ms
51ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1493547-1&cid=2015005901.1669610302&jid=739945411&_u=YADAAAAAAAQCAC~&z=1672087980

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 04:38:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/ Frame D241 48 KB
13 KB 427ms
425ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/json?tim=04%3A38%3A23.055&lti=visibility_test_2_var&data=%7B%22id%22%3A946%2C%22ii%22%3A%22%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1669288233151%2C%22vi%22%3A1669610302974%2C%22cv%22%3A%2220221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A9408%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F%22%2C%22vpi%22%3A%22%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%22%2C%22e%22%3A%22https%3A%2F%2F9to5mac.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A960%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A17%2C%22dw%22%3A960%2C%22dh%22%3A27%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2F9to5mac.com%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%229to5maccom%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22orig_uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2F9to5mac.com%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%229to5maccom%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22cd%22%3A27%2C%22mw%22%3A0%2C%22amw%22%3A700%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22visibility_test_2_var%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ab973046df6d5692dfbc9c864f976ee25380267873769f28b05f32ba8e5363d

Request headers

Referer: https://9to5mac.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 407
date: Mon, 28 Nov 2022 04:38:23 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn4064-HHN
server: nginx
x-timer: S1669610303.063688,VS0,VE407
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://9to5mac.com
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 lounge.bundle.0134c2cc2b1c0a38a997a53bcb09f779.js Show response
c.disquscdn.com/next/embed/ Frame 5621 502 KB
126 KB 10ms
8ms Script
application/javascript 2600:9000:2057:e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.0134c2cc2b1c0a38a997a53bcb09f779.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.a0092a9b6d9c06bf965e6c41a81f2c09.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bdfa3d92287fdb3bb869f96fe21b3866f5fb913f66e0daf3149e0765496c74d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=9to5maccom&t_i=784062%20https%3A%2F%2F9to5mac.com%2F%3Fp%3D784062&t_u=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&t_e=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&t_d=US%20version%20of%20Pegasus%20spyware%20bought%20and%20tested%20by%20the%20FBI%20-%209to5Mac&t_t=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 23 Nov 2022 21:19:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 371906
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 128551
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 23 Nov 2022 20:32:34 GMT
server: nginx
etag: "637e8362-1f627"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: _63qwgwZzzf1Yuj6yYn99qXJRo4dtiIXNGsXqAowtgXEt56pUNLE4g==
expires: Thu, 23 Nov 2023 21:19:57 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 5621 16 KB
17 KB 15ms
15ms Script
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.a0092a9b6d9c06bf965e6c41a81f2c09.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

30403bfa0ebd552a8a5bfa6edcba8504fba7aeed2825a4e1ee927e94b605e221

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=9to5maccom&t_i=784062%20https%3A%2F%2F9to5mac.com%2F%3Fp%3D784062&t_u=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&t_e=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&t_d=US%20version%20of%20Pegasus%20spyware%20bought%20and%20tested%20by%20the%20FBI%20-%209to5Mac&t_t=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 04:38:23 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 1
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 16810
X-XSS-Protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame EAF4 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 204 b
sb.scorecardresearch.com/ Frame D9C5 0
191 B 14ms
8ms Image
text/plain 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1669610303078&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&c8=&c9=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: ZDhIFoSizrVA4r0jKxnCDCLTCX3V7kpxRGKMKwguJ6XR9xfMHp8q2Q==
x-cache: Miss from cloudfront

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 46ms
45ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 28 Nov 2022 04:38:23 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BC8E 90 B
134 B 49ms
48ms XHR
application/json+protobuf 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b2401dd51e8144cf88fb66c50a6c9c4433f9acbce7ad8743c51d1b622e999fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 28 Nov 2022 04:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

GET
H2 204 b
sb.scorecardresearch.com/ Frame D241 0
188 B 10ms
9ms Image
text/plain 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1669610303232&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&c8=&c9=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: IlS9EROhKziQLUeN1Me4PT_uWMrH9w2POsqi6__F_tIp0G9cl72j6Q==
x-cache: Miss from cloudfront

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/ Frame BBF9 14 KB
4 KB 126ms
42ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/index.html

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a61c0b2a8f265a0a2fe29e8d8cf6af9314325fc6a18ab6d4dfd2c1c2367071

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 41421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3735
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 17:08:02 GMT
expires: Mon, 27 Nov 2023 17:08:02 GMT
last-modified: Fri, 18 Nov 2022 08:33:56 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0BCC 0
0 81ms
81ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeczBPjuEY4-nHfbYx_APg5uD-Avyg6qfbZ-K3K3MEO7DhsmcNxABIKyV4hRgleKQgqAHoAHc9KXUA8gBCakC_V3iep9wsT6oAwHIA0iqBO8BT9ApoHiUGApKh57q6ymqXLu7wZNmOalV3q4XZKnvFNlD0z5Lxg98QQ4p8w_lXdZbEKbPy_IC21do09_qIWI7puOOjyVr6nEC3pjfxcCg1YdPhhfWXfnZ9OeQG92nWla8th13COjwWIRGHyOoHNL8UN6DO8n4nCFh20C-E_ZtbpjLJ3SUdz1WZ466zFKPK-fx95_tFk_eiUvjlQniohdrVXoAVAQ17XM1Z-8nzDBINq1qz9xYsQIWn-HMpKbeeXJ4Rabnpy2Q403vjlTd3ItBUYMNRO3QTQ01MIWFNwaq016Wd0uOrZEeLbE5M4Vu5IrABI3q-sOLBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeMi9orqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQ04uoAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTI0NDUyNDgyMTY3ODI5ODMYAA&sigh=wi3MU0CyZmA&uach_m=[UACH]&cid=CAQSPADq26N9av6q8g9CK7xjqAodARB1sRT159QXn8RQzXUkgm4v4PzM1JO9i1Iss0SH9Jt-1fwHfe8z_ttiwRgBIBM&template_id=419

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2445248216782983&output=html&h=280&adk=3246872700&adf=2913659956&pi=t.aa~a.2541912099~i.23~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1669610302&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3052664160&ad_type=text_image&format=750x280&url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669610302400&bpp=2&bdt=1110&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9ad828b4d41e20c-22bb1aaca2d7006d%3AT%3D1669610302%3ART%3D1669610302%3AS%3DALNI_MbOy6QidpBlPnM1YpmLB0Vkbt_eeg&gpic=UID%3D00000b89384f255c%3AT%3D1669610302%3ART%3D1669610302%3AS%3DALNI_MYELYBknU-K_PN5sqRvCj-7_ilClQ&prev_fmts=0x0%2C336x280&nras=2&correlator=47243702042&frm=20&pv=1&ga_vid=2015005901.1669610302&ga_sid=1669610302&ga_hid=130576104&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2533&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770880%2C31070950&oid=2&pvsid=2755455747985498&tmod=1289237708&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=JTW0cDYYxb&p=https%3A//9to5mac.com&dtd=52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 28 Nov 2022 04:38:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 0BCC 23 KB
9 KB 119ms
40ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2445248216782983&output=html&h=280&adk=3246872700&adf=2913659956&pi=t.aa~a.2541912099~i.23~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1669610302&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3052664160&ad_type=text_image&format=750x280&url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669610302400&bpp=2&bdt=1110&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9ad828b4d41e20c-22bb1aaca2d7006d%3AT%3D1669610302%3ART%3D1669610302%3AS%3DALNI_MbOy6QidpBlPnM1YpmLB0Vkbt_eeg&gpic=UID%3D00000b89384f255c%3AT%3D1669610302%3ART%3D1669610302%3AS%3DALNI_MYELYBknU-K_PN5sqRvCj-7_ilClQ&prev_fmts=0x0%2C336x280&nras=2&correlator=47243702042&frm=20&pv=1&ga_vid=2015005901.1669610302&ga_sid=1669610302&ga_hid=130576104&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2533&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770880%2C31070950&oid=2&pvsid=2755455747985498&tmod=1289237708&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=JTW0cDYYxb&p=https%3A//9to5mac.com&dtd=52

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 07:15:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0BCC 3 KB
1 KB 138ms
59ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 20:39:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 20:39:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0BCC 18 KB
7 KB 125ms
46ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 12:23:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0BCC 0
0 131ms
47ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSq9Q6wHIa8k7Q8Te4R6gTONW5qfquEP0nXBN8SmhgI6-PAEFlZRZUVZsMH6lvqh_gb73tBs_iV9bO8kgogXncebUgQUw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2445248216782983&output=html&h=280&adk=3246872700&adf=2913659956&pi=t.aa~a.2541912099~i.23~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1669610302&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3052664160&ad_type=text_image&format=750x280&url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669610302400&bpp=2&bdt=1110&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9ad828b4d41e20c-22bb1aaca2d7006d%3AT%3D1669610302%3ART%3D1669610302%3AS%3DALNI_MbOy6QidpBlPnM1YpmLB0Vkbt_eeg&gpic=UID%3D00000b89384f255c%3AT%3D1669610302%3ART%3D1669610302%3AS%3DALNI_MYELYBknU-K_PN5sqRvCj-7_ilClQ&prev_fmts=0x0%2C336x280&nras=2&correlator=47243702042&frm=20&pv=1&ga_vid=2015005901.1669610302&ga_sid=1669610302&ga_hid=130576104&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2533&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770880%2C31070950&oid=2&pvsid=2755455747985498&tmod=1289237708&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=JTW0cDYYxb&p=https%3A//9to5mac.com&dtd=52
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0BCC 154 KB
47 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 04:38:23 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6749 143 B
166 B 42ms
41ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2445248216782983&output=html&h=280&adk=466652548&adf=938554&w=336&fwrn=4&fwrnh=100&lmt=1669610302&rafmt=1&format=336x280&url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669610301827&bpp=3&bdt=537&idt=198&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=47243702042&frm=20&pv=1&ga_vid=2015005901.1669610302&ga_sid=1669610302&ga_hid=130576104&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770880%2C31070950&oid=2&pvsid=2755455747985498&tmod=1289237708&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=omd4cX6zW1&p=https%3A//9to5mac.com&dtd=205
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 04:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EAF4 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22828b6af3451e20f7a5c4945df06b88ffb09ae9e827ba5cfa3223e0ef214825

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cta-component.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js Show response
cdn.taboola.com/libtrc/ Frame D9C5 19 KB
5 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f04600ca36e8aa20c4f523cbc176165c79a0e84f13daf2969f6f58b6e56eea8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: _oWH.t5hUMBfEDjZSrgj6WNqSlZq3tw1
content-encoding: gzip
via: 1.1 varnish
date: Mon, 28 Nov 2022 04:38:23 GMT
x-amz-request-id: NRPCCZ9SZ4JBW3D0
age: 66
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 5172
x-amz-id-2: yvbGQhfaLFAZA71A9HxSMHGYD1oEczH+Ii7Sku50q0pNsr7OpmK3Mp3Yv3P2ODMDp2EZVWm74C4=
x-served-by: cache-hhn4064-HHN
last-modified: Tue, 22 Nov 2022 15:14:44 GMT
server: AmazonS3
x-timer: S1669610303.465912,VS0,VE1
etag: "0bd7f36a4a1effc6977b017783211a53"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 29
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.9.8/ Frame D9C5 103 KB
30 KB 19ms
18ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9008fe282850688d5c8544707e9d97ff6d737ee6791afc1d60448750a451b0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 509747
x-cache: Hit from cloudfront, HIT
content-length: 29909
x-served-by: cache-hhn4064-HHN
last-modified: Tue, 22 Nov 2022 07:02:09 GMT
server: AmazonS3
x-timer: S1669610303.472002,VS0,VE0
etag: "1842444d4bb92087143326a4d508875d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: aI-Tt2Ot9n9zuZbg8nu2wg9LxqqzMViBC2QrGjKN4L1ymwD_ifli4w==
x-cache-hits: 31758

GET
H2 200 userx.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js Show response
cdn.taboola.com/libtrc/ Frame D9C5 18 KB
6 KB 20ms
19ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ed02d42bcd8f9ebc716a2cba9309cd84c560441c9966cda1d04a9a196d114a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: PmIokHr4fdXA_OxR17w9h_sTgpZu3w_P
content-encoding: gzip
via: 1.1 varnish
date: Mon, 28 Nov 2022 04:38:23 GMT
x-amz-request-id: ZZ2F82V4TRK1C2M0
age: 107
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 5456
x-amz-id-2: YnPfxiMLpdksh0TwnU1K7NoLaxQfMBrZtD8vGPiHKBOkhKMLtTvatl2Bd+jZaJuoRa5o9+ETbbc=
x-served-by: cache-hhn4064-HHN
last-modified: Tue, 22 Nov 2022 15:15:42 GMT
server: AmazonS3
x-timer: S1669610303.471900,VS0,VE1
etag: "1188c602e32ac77870ef0b026d18b135"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 29
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 59BA 221 KB
61 KB 165ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 21 Nov 2022 09:52:42 GMT
age: 585941
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Nov 2023 09:52:42 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 59BA 14 KB
5 KB 237ms
113ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 21 Nov 2022 09:52:42 GMT
age: 585941
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Nov 2023 09:52:42 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 59BA 94 KB
28 KB 242ms
119ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 21 Nov 2022 09:52:42 GMT
age: 585941
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Nov 2023 09:52:42 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 59BA 5 KB
2 KB 258ms
134ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 21 Nov 2022 09:52:42 GMT
age: 585941
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Nov 2023 09:52:42 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 59BA 40 KB
13 KB 259ms
136ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 21 Nov 2022 09:52:42 GMT
age: 585941
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Nov 2023 09:52:42 GMT

GET
DATA 200
OK truncated
/ Frame 59BA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 227a089e91ccdb0082148dc873094818a67983e1fe3fa5dcff80d4c61ec7df24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 912575310537943094
tpc.googlesyndication.com/simgad/ Frame 59BA 68 KB
68 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/912575310537943094?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkmlvzG95DuUWewMX5PCQxAOu6gpw

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2030e2b8ffa334e545c8af970cba4ac72273d859231902bc17edb82588be3dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 11:11:04 GMT
x-content-type-options: nosniff
age: 235639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69363
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 20:28:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 25 Nov 2023 11:11:04 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 59BA 2 KB
2 KB 59ms
58ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 68310
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 28 Nov 2022 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 59BA 295 B
319 B 59ms
58ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 11:55:19 GMT
x-content-type-options: nosniff
server: cafe
age: 60184
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 28 Nov 2022 11:55:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 59BA 0
0 48ms
47ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaThqnQwadI6kT7sZOVlSCYmCCRFw0z6U8aCvhuBURpSBBbC6as-dyinZ2jCqblJ5LkbnLlm
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 59BA 0
0 84ms
83ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNurOPzuEY-DjAszt7_UPwvqQgAqyxpW4be6Kkc2lEM3P2_7qIBABIM3P_R1gleKQgqAHoAGSmav8AsgBAuACAKgDAcgDCKoEhQJP0L7mI5E1D_1iMu7Hr_Ho-Y9uJQE44dDJbpoSgMQlgwVv98Ef4Z1l91o3vMBBE9te3p6Zn1Y4qv0id-bQ7ml8shWyj8OBTbhYTSdCf7ddQB0SS2a-18dCM7xMQbrK0-VkkRb2Y1mEstznsSqq-QxFJlS1DD3k6m4IYLkxpCeoUNiBiUYKypBygi9BIfc-i8KuSL-dvrOPN5nk4Q-6PrSEGFmlTWL_WnuXNfuufsZ0WpCZ0RWwV7Uk1qduSMywXV3iwOrxZDwjYOlKbqe12elkwU7ZBO9bTP0gYVIO1RowrZKuqGpjUg1O5TgP5RCQvtE3mX-aKMIT_QUBjhxw9ceVInPD3ZLABLHP9Zm0A-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfW5tSDAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEL_vJNIIEQiA4YBwEAEYHTIC6wI6AoBAgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTA5OTMwMjU2MjMxMTYzMjUYt8EI&sigh=sZW0ULPjZTY&uach_m=[UACH]&cid=CAQSPADq26N9AbV32a5PK1bSGAzg7DRgkb7Wn1KYtc5InIsuBvqjkOhAEhqzLLwucbb_ohsbh_AlpZ1qXC1LQhgBIBM
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame EAF4 44 KB
44 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 16:15:31 GMT
x-content-type-options: nosniff
age: 130972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Nov 2023 16:15:31 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame BBF9 6 KB
3 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 13:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2655
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 28 Nov 2022 13:12:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BBF9 34 KB
13 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 19:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 28 Nov 2022 19:53:06 GMT

GET
H3 200 66da89e07e92b21fd0496518465e695d.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/ Frame BBF9 73 KB
18 KB 54ms
54ms Script
application/x-javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/66da89e07e92b21fd0496518465e695d.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d51d831b072e1efe86dadd611955d5894b1c544fded82458848ecc78eed02272

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 17:08:03 GMT
age: 41420
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18882
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 08:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Nov 2023 17:08:03 GMT

GET
H2 200 5bc853b76ba56f17737ca49786e18605.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D9C5 5 KB
6 KB 9ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bc853b76ba56f17737ca49786e18605.jpg
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ee4f2a4218bc45f0b21dc634b098a40fcbd6a52801e84e0addd47dddf91ae22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bc853b76ba56f17737ca49786e18605.jpg
age: 2734167
edge-cache-tag: 313777293658167005804196715522443903042,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 313777293658167005804196715522443903042,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 91
expiration: expiry-date="Mon, 21 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.thedailyjournal.com/story/sports/sports-betting/2022/10/26/eagles-vs-steelers-betting-odds-picks-predictions/69586790007/
content-length: 5362
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100082-IAD, cache-iad-kcgs7200144-IAD, cache-chi-klot8100071-CHI, cache-iad-kiad7000088-IAD, cache-hhn4064-HHN
last-modified: Fri, 21 Oct 2022 19:17:11 GMT
server: nginx
x-timer: S1669610304.568780,VS0,VE0
etag: "df8f3c6917a0df72abb5d1eea134f54c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 8525, 2

GET
H2 200 0d160ba8c6375a689023b9a660745a13.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D9C5 16 KB
17 KB 9ms
7ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d160ba8c6375a689023b9a660745a13.jpeg
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b424ff82179a0fa8d39abff6831a81dda88f13199d5cf75983ed463d2c7fbe6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d160ba8c6375a689023b9a660745a13.jpeg
age: 1431029
edge-cache-tag: 324563280838642702508247760368669869692,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 324563280838642702508247760368669869692,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 700
req-referer: https://onedaily.com/
content-length: 16522
x-request-id: afd8f61fcb085207da6570185f1a161f
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200151-IAD, cache-iad-kcgs7200153-IAD, cache-bur-kbur8200057-BUR, cache-iad-kiad7000031-IAD, cache-hhn4064-HHN
last-modified: Fri, 11 Nov 2022 15:04:54 GMT
server: nginx
x-timer: S1669610304.569831,VS0,VE1
etag: "3b3f68012752841b4210ad0ce6d4dcbb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 fe29901c149e9e1f8d0b826eaa5d46d8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D9C5 10 KB
11 KB 9ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe29901c149e9e1f8d0b826eaa5d46d8.jpg
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f8a51b511d6007123269ee7263eea99141218ad282d7f66471e6fc4d35f49310

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe29901c149e9e1f8d0b826eaa5d46d8.jpg
age: 5022225
edge-cache-tag: 543039266888574122779073805559603472017,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 543039266888574122779073805559603472017,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 159
expiration: expiry-date="Fri, 21 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://sportstelly.com/
content-length: 10644
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200066-IAD, cache-iad-kcgs7200066-IAD, cache-lax10634-LGB, cache-iad-kiad7000068-IAD, cache-hhn4064-HHN
last-modified: Tue, 20 Sep 2022 06:45:50 GMT
server: nginx
x-timer: S1669610304.570240,VS0,VE1
etag: "15a613e1c5ce170f258cf0e2ba404fe8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 116, 1

GET
H2 200 8e88c360e19025af395075d2a5d7c4d8.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D9C5 15 KB
16 KB 9ms
9ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e88c360e19025af395075d2a5d7c4d8.jpeg
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d1a652f60bf21f11bfa09dbc8cee82673824c21dec2b21d007e413be0dd2904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e88c360e19025af395075d2a5d7c4d8.jpeg
age: 332531
edge-cache-tag: 403637548099015456651807903920752676278,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 403637548099015456651807903920752676278,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 451
req-referer: https://www.forever-mom.com/de/22766/3/?utm_source=taboola&utm_campaign=21969561&utm_content=3581679786&utm_medium=tag24&utm_mb=xbt&utm_bt=21969561%7Cc
content-length: 15748
x-request-id: 3c42aec63e7f8fbd07cb1e4b17897207
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200132-IAD, cache-iad-kiad7000038-IAD, cache-lga21975-LGA, cache-iad-kjyo7100129-IAD, cache-hhn4064-HHN
last-modified: Wed, 23 Nov 2022 15:28:07 GMT
server: nginx
x-timer: S1669610304.570391,VS0,VE1
etag: "2014f1428e96992e312ca8c78f6bc621"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 233989d6a123d99ebf89dbbec72b2759.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D9C5 15 KB
16 KB 21ms
20ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/233989d6a123d99ebf89dbbec72b2759.jpeg
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 693207359889a0d99c229602edd633a2c208119ca6d04d7e9e67ac2a79651a3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 13
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/233989d6a123d99ebf89dbbec72b2759.jpeg
age: 405281
edge-cache-tag: 625291200011804036400424126719933978238,572111196681019971487773214107964106610,29ecf9b93bbf306179626feeda1fab70
cache-tag: 625291200011804036400424126719933978238,572111196681019971487773214107964106610,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 469
req-referer: https://paperela.com/
content-length: 15592
x-request-id: d5017a88961e0e49ac0455e50ebc330c
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000103-IAD, cache-iad-kiad7000130-IAD, cache-lga21964-LGA, cache-iad-kcgs7200148-IAD, cache-hhn4064-HHN
last-modified: Tue, 22 Nov 2022 23:17:30 GMT
server: nginx
x-timer: S1669610304.572200,VS0,VE13
etag: "fcc00d9671c0dde2a9efa50a98050873"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 RAD_RaidTzachi_B140487_1200x800_NoOS_English%26IMG%3D30EF.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gallery-pl.go-game.io/uploads/2022/10/ Frame D9C5 14 KB
15 KB 17ms
17ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gallery-pl.go-game.io/uploads/2022/10/RAD_RaidTzachi_B140487_1200x800_NoOS_English%26IMG%3D30EF.jpg
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 89a4fc67baf6e7de5d22417727ecf6fedd2f250e895439da6c481845f8594fc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gallery-pl.go-game.io/uploads/2022/10/RAD_RaidTzachi_B140487_1200x800_NoOS_English%26IMG%3D30EF.jpg
age: 2755340
edge-cache-tag: 463557002653285037573366765391030376471,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 463557002653285037573366765391030376471,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 2030
req-referer: https://listindiario.com/
content-length: 14320
x-request-id: 9df41a9b61d57ff365746e261aad437a
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000139-IAD, cache-iad-kiad7000173-IAD, cache-lax10644-LGB, cache-iad-kjyo7100070-IAD, cache-hhn4064-HHN
last-modified: Wed, 26 Oct 2022 13:35:35 GMT
server: nginx
x-timer: S1669610304.572287,VS0,VE10
etag: "012315e9c37b32dcff0e6ab4fc073948"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 25, 1

GET
H2 200 cta-component.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js Show response
cdn.taboola.com/libtrc/ Frame D241 19 KB
5 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f04600ca36e8aa20c4f523cbc176165c79a0e84f13daf2969f6f58b6e56eea8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: _oWH.t5hUMBfEDjZSrgj6WNqSlZq3tw1
content-encoding: gzip
via: 1.1 varnish
date: Mon, 28 Nov 2022 04:38:23 GMT
x-amz-request-id: NRPCCZ9SZ4JBW3D0
age: 66
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 5172
x-amz-id-2: yvbGQhfaLFAZA71A9HxSMHGYD1oEczH+Ii7Sku50q0pNsr7OpmK3Mp3Yv3P2ODMDp2EZVWm74C4=
x-served-by: cache-hhn4064-HHN
last-modified: Tue, 22 Nov 2022 15:14:44 GMT
server: AmazonS3
x-timer: S1669610304.591867,VS0,VE0
etag: "0bd7f36a4a1effc6977b017783211a53"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 29
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.9.8/ Frame D241 103 KB
30 KB 8ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9008fe282850688d5c8544707e9d97ff6d737ee6791afc1d60448750a451b0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 509747
x-cache: Hit from cloudfront, HIT
content-length: 29909
x-served-by: cache-hhn4064-HHN
last-modified: Tue, 22 Nov 2022 07:02:09 GMT
server: AmazonS3
x-timer: S1669610304.596967,VS0,VE0
etag: "1842444d4bb92087143326a4d508875d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: aI-Tt2Ot9n9zuZbg8nu2wg9LxqqzMViBC2QrGjKN4L1ymwD_ifli4w==
x-cache-hits: 31759

GET
H2 200 userx.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js Show response
cdn.taboola.com/libtrc/ Frame D241 18 KB
6 KB 9ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ed02d42bcd8f9ebc716a2cba9309cd84c560441c9966cda1d04a9a196d114a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: PmIokHr4fdXA_OxR17w9h_sTgpZu3w_P
content-encoding: gzip
via: 1.1 varnish
date: Mon, 28 Nov 2022 04:38:23 GMT
x-amz-request-id: ZZ2F82V4TRK1C2M0
age: 107
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 5456
x-amz-id-2: YnPfxiMLpdksh0TwnU1K7NoLaxQfMBrZtD8vGPiHKBOkhKMLtTvatl2Bd+jZaJuoRa5o9+ETbbc=
x-served-by: cache-hhn4064-HHN
last-modified: Tue, 22 Nov 2022 15:15:42 GMT
server: AmazonS3
x-timer: S1669610304.597102,VS0,VE0
etag: "1188c602e32ac77870ef0b026d18b135"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 29
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 2

GET
H2 204 fix-user-id
trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/ Frame D241 0
272 B 17ms
16ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/fix-user-id?lti=visibility_test_2_var&ri=04dbff75357a059d3573bf1b2cb2b54a&sd=v2_457f7c0bb9dff170db32382e55384d25_34a13ca9-c36e-4e6c-b23f-811809b66c43-tucta7dc0bf_1669610303_1669610303_CIi3jgYQktQ_GP7bneTLMCABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGjm_N3wkuqitRNwAA&ui=34a13ca9-c36e-4e6c-b23f-811809b66c43-tucta7dc0bf&pi=/2022/01/28/us-version-of-pegasus-fbi&wi=-5346239807203085800&pt=text&vi=1669610302974&time=1669610303578&fromUser=7b7a560d-5e4a-4ca8-a782-ba6bdadbbf38-tucta7dc0be&toUser=34a13ca9-c36e-4e6c-b23f-811809b66c43-tucta7dc0bf&fromSD=v2_c51a0cc8bedd61cec0d1b8a055fc6c09_7b7a560d-5e4a-4ca8-a782-ba6bdadbbf38-tucta7dc0be_1669610302_1669610302_CIi3jgYQktQ_GP7bneTLMCABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGjm_N3wkuqitRNwAA&toSD=v2_457f7c0bb9dff170db32382e55384d25_34a13ca9-c36e-4e6c-b23f-811809b66c43-tucta7dc0bf_1669610303_1669610303_CIi3jgYQktQ_GP7bneTLMCABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGjm_N3wkuqitRNwAA&tim=04%3A38%3A23.579&id=2855&llvl=2&cv=20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291&
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish
x-served-by: cache-hhn4064-HHN
server: nginx
x-timer: S1669610304.597234,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 5621 3 KB
4 KB 109ms
109ms XHR
application/json 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=9to5maccom&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.a0092a9b6d9c06bf965e6c41a81f2c09.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

04fa2e9a070cb3f87a207eedd4c74838fae5ac1d224707e4b1cba8f4421e314d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=9to5maccom&t_i=784062%20https%3A%2F%2F9to5mac.com%2F%3Fp%3D784062&t_u=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&t_e=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&t_d=US%20version%20of%20Pegasus%20spyware%20bought%20and%20tested%20by%20the%20FBI%20-%209to5Mac&t_t=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&s_o=default
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 04:38:23 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Vary: Origin, Cookie
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 3365
X-XSS-Protection: 1; mode=block

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 04C7 143 B
166 B 47ms
46ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2445248216782983&output=html&h=280&adk=3246872700&adf=2913659956&pi=t.aa~a.2541912099~i.23~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1669610302&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3052664160&ad_type=text_image&format=750x280&url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669610302400&bpp=2&bdt=1110&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9ad828b4d41e20c-22bb1aaca2d7006d%3AT%3D1669610302%3ART%3D1669610302%3AS%3DALNI_MbOy6QidpBlPnM1YpmLB0Vkbt_eeg&gpic=UID%3D00000b89384f255c%3AT%3D1669610302%3ART%3D1669610302%3AS%3DALNI_MYELYBknU-K_PN5sqRvCj-7_ilClQ&prev_fmts=0x0%2C336x280&nras=2&correlator=47243702042&frm=20&pv=1&ga_vid=2015005901.1669610302&ga_sid=1669610302&ga_hid=130576104&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2533&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770880%2C31070950&oid=2&pvsid=2755455747985498&tmod=1289237708&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=JTW0cDYYxb&p=https%3A//9to5mac.com&dtd=52
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 04:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 206 fyuyosnktaaol3sqrdfz.mp4
cdn.taboola.com/libtrc/static/video/v1657175449/ Frame D9C5 1 MB
1 MB 8ms
7ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1657175449/fyuyosnktaaol3sqrdfz.mp4
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec73e6c8b232edb8ac26d73666a51dab8d0f1aaf377f03d8cc8ccad3016dcfe1

Request headers

Referer: https://9to5mac.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: HhkCNUxYnrO2ILVr20LAHKMvkOAX4OmK
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish
x-amz-request-id: 9C3WFYK5TYDKAAY2
age: 45
x-cache: HIT
Content-Range: bytes 0-1312887/1312888
x-amz-replication-status: COMPLETED
Content-Length: 1312888
x-amz-id-2: pqu57g6TnwB11PM192sQlyjeFOeZOIiHi9+Z0nfAtdrMCQkVqCkSUjOselYiI6xyF+rANCu+IFs=
x-served-by: cache-hhn4064-HHN
last-modified: Thu, 07 Jul 2022 06:30:57 GMT
server: AmazonS3
x-timer: S1669610304.638277,VS0,VE1
etag: "8af04da9214a9b87fb05ccd17201e816"
content-type: video/mp4;codecs=avc1
abp: 29
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 206 hhjgdm7bx7tnbfgvfnvq.mp4
cdn.taboola.com/libtrc/static/video/v1669219587/ Frame D9C5 283 KB
284 KB 37ms
37ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1669219587/hhjgdm7bx7tnbfgvfnvq.mp4
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2e80a311955d577652a5117b6e2e03781256c09a60859065f88f02b9edb819c

Request headers

Referer: https://9to5mac.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: Yqm9AhKhVlVYthw.qbLp.Jqj7AYh5e6i
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish
x-amz-request-id: 5YMK380X02PSCB9Q
age: 68
x-cache: HIT
Content-Range: bytes 0-290105/290106
x-amz-replication-status: COMPLETED
Content-Length: 290106
x-amz-id-2: M5MsvtnAChH0W82C8RglEYSilBm8CKS6VHoQ/vVuBGukNkfjP9kZQMe64DI2u4nvt1oIV3pzECw=
x-served-by: cache-hhn4064-HHN
last-modified: Wed, 23 Nov 2022 16:06:34 GMT
server: AmazonS3
x-timer: S1669610304.651934,VS0,VE1
etag: "eb029132b9588dd9b48234923935ca2e"
content-type: video/mp4;codecs=avc1
abp: 29
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 b677fad9adfcc6da0de4173e64ef1140.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D241 24 KB
25 KB 33ms
32ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b677fad9adfcc6da0de4173e64ef1140.jpg
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e5f8c7da94dbc4315d01d0470150e7c4f0f374f9dabbb839865cbb79e6ea678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b677fad9adfcc6da0de4173e64ef1140.jpg
age: 591912
edge-cache-tag: 541962348419262296195861238389474620993,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
cache-tag: 541962348419262296195861238389474620993,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1037
req-referer: https://www.sohu.com/
content-length: 24898
x-request-id: f46ae4ab547afd6ed2b01407793409b6
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100097-IAD, cache-iad-kiad7000159-IAD, cache-chi-kigq8000150-CHI, cache-iad-kcgs7200022-IAD, cache-hhn4064-HHN
last-modified: Sat, 19 Nov 2022 13:34:59 GMT
server: nginx
x-timer: S1669610304.666765,VS0,VE2
etag: "e48e268f0614d97b2b68069c0ac7e23a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 5b6ef510ff52de1841e42186c3496bee.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D241 30 KB
31 KB 29ms
28ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5b6ef510ff52de1841e42186c3496bee.png
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cdebb67912713d85a72c34f8d07e36d0f8e99a9635c4c0f0117a4918de0b7368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5b6ef510ff52de1841e42186c3496bee.png
age: 932464
edge-cache-tag: 497478157997569945712842984491422235242,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
cache-tag: 497478157997569945712842984491422235242,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 219
req-referer: https://www.auto-motor-und-sport.de/
content-length: 30774
x-request-id: aaf729e201d9126ee69840f88af01b57
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100074-IAD, cache-iad-kjyo7100167-IAD, cache-bur-kbur8200163-BUR, cache-iad-kjyo7100112-IAD, cache-hhn4064-HHN
last-modified: Wed, 16 Nov 2022 15:05:53 GMT
server: nginx
x-timer: S1669610304.666744,VS0,VE1
etag: "4fb4e2cc69ad90a0678c3687091a9c2a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 3, 1

GET
H2 200 6111d7bf249a10c0b63868f5ef1b429b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D241 24 KB
25 KB 29ms
29ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6111d7bf249a10c0b63868f5ef1b429b.jpg
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dc89890d053a0c78b6feab004ed8022f5ce9ac0b2d02f2a7eea165ce47a0c8a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6111d7bf249a10c0b63868f5ef1b429b.jpg
age: 661651
edge-cache-tag: 303458090921745456915275393440792945328,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 303458090921745456915275393440792945328,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 698
req-referer: https://loanpride.com/
content-length: 24666
x-request-id: 7ce22253ef50293b3caab058467de1ba
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100066-IAD, cache-iad-kcgs7200057-IAD, cache-bur-kbur8200095-BUR, cache-iad-kjyo7100052-IAD, cache-hhn4064-HHN
last-modified: Sat, 19 Nov 2022 10:24:25 GMT
server: nginx
x-timer: S1669610304.666737,VS0,VE1
etag: "5f1b45f1455a9f60abebf1f94575b708"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 0395360a740f0bd17bdb9722422492f0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D241 7 KB
8 KB 31ms
31ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0395360a740f0bd17bdb9722422492f0.jpg
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bd4aaff1e96a9abfbc048859ae187f32afa8ba2ef9f001f663d0608315980706

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0395360a740f0bd17bdb9722422492f0.jpg
age: 1174543
edge-cache-tag: 443493974545323764671730754344397401195,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 443493974545323764671730754344397401195,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 309
expiration: expiry-date="Fri, 18 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://noticiasemdia.online/
content-length: 7624
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200106-IAD, cache-iad-kjyo7100084-IAD, cache-bur-kbur8200101-BUR, cache-iad-kcgs7200139-IAD, cache-hhn4064-HHN
last-modified: Tue, 18 Oct 2022 12:12:50 GMT
server: nginx
x-timer: S1669610304.666688,VS0,VE2
etag: "f31a83afbbd9fb0fcc122773b8576453"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 6, 1

GET
H2 200 1f4f885a4d0354d04a63daeb319bbb91.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D241 6 KB
6 KB 32ms
28ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1f4f885a4d0354d04a63daeb319bbb91.jpg
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e2b2195e190b8792700c2151948572434f4a2d6b634f43886179f958773a6029

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1f4f885a4d0354d04a63daeb319bbb91.jpg
age: 4612178
edge-cache-tag: 379152645637588898128759619958613499851,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 379152645637588898128759619958613499851,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 123
req-referer: https://rshrt.com/
content-length: 5708
x-request-id: f2d24ba00f9a182d13c29225656c1cd0
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200160-IAD, cache-iad-kjyo7100106-IAD, cache-lga21953-LGA, cache-iad-kcgs7200107-IAD, cache-hhn4064-HHN
last-modified: Thu, 22 Sep 2022 22:35:27 GMT
server: nginx
x-timer: S1669610304.668994,VS0,VE1
etag: "223645e3b734860091736cbb1ff9a5a6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 17, 1

GET
H2 200 8e88c360e19025af395075d2a5d7c4d8.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D241 15 KB
16 KB 29ms
27ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e88c360e19025af395075d2a5d7c4d8.jpeg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d1a652f60bf21f11bfa09dbc8cee82673824c21dec2b21d007e413be0dd2904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e88c360e19025af395075d2a5d7c4d8.jpeg
age: 332531
edge-cache-tag: 403637548099015456651807903920752676278,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 403637548099015456651807903920752676278,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 451
req-referer: https://www.forever-mom.com/de/22766/3/?utm_source=taboola&utm_campaign=21969561&utm_content=3581679786&utm_medium=tag24&utm_mb=xbt&utm_bt=21969561%7Cc
content-length: 15748
x-request-id: 3c42aec63e7f8fbd07cb1e4b17897207
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200132-IAD, cache-iad-kiad7000038-IAD, cache-lga21975-LGA, cache-iad-kjyo7100129-IAD, cache-hhn4064-HHN
last-modified: Wed, 23 Nov 2022 15:28:07 GMT
server: nginx
x-timer: S1669610304.669396,VS0,VE0
etag: "2014f1428e96992e312ca8c78f6bc621"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

GET
DATA 200
OK truncated
/ Frame 0BCC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1494dd1cd32470f947e2b9bea9a0e9955b1d688b1cdc9d16d64b3e48347f1f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 0BCC 0
20 B 163ms
79ms Other
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI---IeH0PsCFXbsEQgdg80Avw&gqi=PjuEY4HXHJG_9u8PuZmlsAs&layout=/sadbundle/%24csp%253Der3%24/9429700965190154635/index.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 04:38:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6749
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
53ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 04:38:23 GMT
expires: Mon, 28 Nov 2022 04:38:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 04:38:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bc853b76ba56f17737ca49786e18605.jpg
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ee4f2a4218bc45f0b21dc634b098a40fcbd6a52801e84e0addd47dddf91ae22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bc853b76ba56f17737ca49786e18605.jpg
age: 2734168
edge-cache-tag: 313777293658167005804196715522443903042,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 313777293658167005804196715522443903042,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 91
expiration: expiry-date="Mon, 21 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.thedailyjournal.com/story/sports/sports-betting/2022/10/26/eagles-vs-steelers-betting-odds-picks-predictions/69586790007/
content-length: 5362
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100082-IAD, cache-iad-kcgs7200144-IAD, cache-chi-klot8100071-CHI, cache-iad-kiad7000088-IAD, cache-hhn4064-HHN
last-modified: Fri, 21 Oct 2022 19:17:11 GMT
server: nginx
x-timer: S1669610304.743662,VS0,VE0
etag: "df8f3c6917a0df72abb5d1eea134f54c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 8525, 3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d160ba8c6375a689023b9a660745a13.jpeg
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b424ff82179a0fa8d39abff6831a81dda88f13199d5cf75983ed463d2c7fbe6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d160ba8c6375a689023b9a660745a13.jpeg
age: 1431029
edge-cache-tag: 324563280838642702508247760368669869692,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 324563280838642702508247760368669869692,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 700
req-referer: https://onedaily.com/
content-length: 16522
x-request-id: afd8f61fcb085207da6570185f1a161f
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200151-IAD, cache-iad-kcgs7200153-IAD, cache-bur-kbur8200057-BUR, cache-iad-kiad7000031-IAD, cache-hhn4064-HHN
last-modified: Fri, 11 Nov 2022 15:04:54 GMT
server: nginx
x-timer: S1669610304.744092,VS0,VE0
etag: "3b3f68012752841b4210ad0ce6d4dcbb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe29901c149e9e1f8d0b826eaa5d46d8.jpg
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f8a51b511d6007123269ee7263eea99141218ad282d7f66471e6fc4d35f49310

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe29901c149e9e1f8d0b826eaa5d46d8.jpg
age: 5022225
edge-cache-tag: 543039266888574122779073805559603472017,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 543039266888574122779073805559603472017,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 159
expiration: expiry-date="Fri, 21 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://sportstelly.com/
content-length: 10644
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200066-IAD, cache-iad-kcgs7200066-IAD, cache-lax10634-LGB, cache-iad-kiad7000068-IAD, cache-hhn4064-HHN
last-modified: Tue, 20 Sep 2022 06:45:50 GMT
server: nginx
x-timer: S1669610304.744079,VS0,VE0
etag: "15a613e1c5ce170f258cf0e2ba404fe8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 116, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e88c360e19025af395075d2a5d7c4d8.jpeg
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d1a652f60bf21f11bfa09dbc8cee82673824c21dec2b21d007e413be0dd2904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e88c360e19025af395075d2a5d7c4d8.jpeg
age: 332531
edge-cache-tag: 403637548099015456651807903920752676278,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 403637548099015456651807903920752676278,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 451
req-referer: https://www.forever-mom.com/de/22766/3/?utm_source=taboola&utm_campaign=21969561&utm_content=3581679786&utm_medium=tag24&utm_mb=xbt&utm_bt=21969561%7Cc
content-length: 15748
x-request-id: 3c42aec63e7f8fbd07cb1e4b17897207
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200132-IAD, cache-iad-kiad7000038-IAD, cache-lga21975-LGA, cache-iad-kjyo7100129-IAD, cache-hhn4064-HHN
last-modified: Wed, 23 Nov 2022 15:28:07 GMT
server: nginx
x-timer: S1669610304.744066,VS0,VE0
etag: "2014f1428e96992e312ca8c78f6bc621"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/233989d6a123d99ebf89dbbec72b2759.jpeg
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 693207359889a0d99c229602edd633a2c208119ca6d04d7e9e67ac2a79651a3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/233989d6a123d99ebf89dbbec72b2759.jpeg
age: 405281
edge-cache-tag: 625291200011804036400424126719933978238,572111196681019971487773214107964106610,29ecf9b93bbf306179626feeda1fab70
cache-tag: 625291200011804036400424126719933978238,572111196681019971487773214107964106610,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 469
req-referer: https://paperela.com/
content-length: 15592
x-request-id: d5017a88961e0e49ac0455e50ebc330c
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000103-IAD, cache-iad-kiad7000130-IAD, cache-lga21964-LGA, cache-iad-kcgs7200148-IAD, cache-hhn4064-HHN
last-modified: Tue, 22 Nov 2022 23:17:30 GMT
server: nginx
x-timer: S1669610304.744050,VS0,VE0
etag: "fcc00d9671c0dde2a9efa50a98050873"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gallery-pl.go-game.io/uploads/2022/10/RAD_RaidTzachi_B140487_1200x800_NoOS_English%26IMG%3D30EF.jpg
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 89a4fc67baf6e7de5d22417727ecf6fedd2f250e895439da6c481845f8594fc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gallery-pl.go-game.io/uploads/2022/10/RAD_RaidTzachi_B140487_1200x800_NoOS_English%26IMG%3D30EF.jpg
age: 2755340
edge-cache-tag: 463557002653285037573366765391030376471,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 463557002653285037573366765391030376471,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 2030
req-referer: https://listindiario.com/
content-length: 14320
x-request-id: 9df41a9b61d57ff365746e261aad437a
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000139-IAD, cache-iad-kiad7000173-IAD, cache-lax10644-LGB, cache-iad-kjyo7100070-IAD, cache-hhn4064-HHN
last-modified: Wed, 26 Oct 2022 13:35:35 GMT
server: nginx
x-timer: S1669610304.744023,VS0,VE0
etag: "012315e9c37b32dcff0e6ab4fc073948"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 25, 2

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 96ms
95ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=8t154f32om2g9t&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=9to5maccom&zone=thread&version=58bc6c863668afd714b59e604f38eefb&page_url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=1419200

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 04:38:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 100ms
98ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=8t154f32om2g9t&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=9to5maccom&zone=thread&version=58bc6c863668afd714b59e604f38eefb&page_url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=1419200

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 04:38:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame A6E6 221 KB
60 KB 125ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 21 Nov 2022 09:52:42 GMT
age: 585942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Nov 2023 09:52:42 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame A6E6 14 KB
5 KB 183ms
99ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 21 Nov 2022 09:52:42 GMT
age: 585942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Nov 2023 09:52:42 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame A6E6 94 KB
28 KB 186ms
103ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 21 Nov 2022 09:52:42 GMT
age: 585942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Nov 2023 09:52:42 GMT

GET
H3 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame A6E6 72 KB
16 KB 205ms
122ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe75d0fb01c62e14b75d418f8e5bb6e413e49610f564e90248669d7e3513403

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 21 Nov 2022 18:08:54 GMT
age: 556170
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16659
x-xss-protection: 0
server: sffe
etag: "94fac542ca9cc297"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Nov 2023 18:08:54 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame A6E6 5 KB
2 KB 180ms
97ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 21 Nov 2022 09:52:42 GMT
age: 585942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Nov 2023 09:52:42 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame A6E6 40 KB
13 KB 198ms
116ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 21 Nov 2022 09:52:42 GMT
age: 585942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Nov 2023 09:52:42 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A6E6 2 KB
2 KB 40ms
40ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 68310
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 28 Nov 2022 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A6E6 295 B
319 B 42ms
41ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 11:55:19 GMT
x-content-type-options: nosniff
server: cafe
age: 60184
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 28 Nov 2022 11:55:19 GMT

GET
DATA 200
OK truncated
/ Frame A6E6 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 219b9234c7b8a7203fc4d4a7cee4b740f25fbaa0e3fd34ebc4b64e105197e508

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 l
www.google.com/ads/measurement/ Frame A6E6 0
0 48ms
48ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTm-p_XQA3zKtfijcJIW-j9ScEWWLUSWdjUV3229mVmpx_Skpz8BCj1PJKHQMB5nMCzluUe
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A6E6 0
0 84ms
83ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMJCSPzuEY9XYFY2L7_UPgZOFmAPYmtbJZ-6L6aiJBcKHwpb7NhABIM3P_R1gleKQgqAHoAHZ0-jxA8gBCakC_V3iep9wsT7gAgCoAwHIAwiqBJkCT9Bin4w8MwBDXETRibkMJLjFeK1OOyQIx_f7ORjpDAFutBIkNaDNzl5Yu33gL7tbZlzLAYE0UODumOgL1FHolJq8Ma01AZOmwHwJjYcURI5akmMm1iXdQAWG6ivTeQvkmhAprM69EBYNocoMSwWYpaaxGvuh-aAbiie2Z0PRIQgsZs30jA_fLr2ITvHqPt1TWbllPRzGdMKB-s1xEAYo1srSkz3iN842khyYaNudWtWKqyCmZ4Fmsk7M78CSF78_58AXdRr4y0sts37Msftbc_NiYcWSh77ZNQFEODPQUasttLNL2jH1n95XH-wLV0qdcOLOdsBAQdpkIzCpJHx3EK85nwBWkHSCG62AtLhNmOaDnlRKfiHPrjfABP3Q09Zn4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4-slw6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCcuTbSCBEIgOGAcBABGB0yAusCOgKAQIAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi0wOTkzMDI1NjIzMTE2MzI1GLfBCA&sigh=JfyQ9BcIN0g&uach_m=[UACH]&cid=CAQSPADq26N9vdASV4IObco3EtCvRjYoaHyEVSBzQMFAInCbWvRf4ngZvHu_R6lN_TAyUE4xgsCMMbdtr1kooBgBIBM&template_id=419
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 background-970x90.jpg
tpc.googlesyndication.com/sadbundle/11931198582349353234/ Frame A6E6 32 KB
32 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11931198582349353234/background-970x90.jpg

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cfd6bdd955ca1d54b0488e66452eeb1f37cb74cc84a60f368a66779d310fb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 23:03:34 GMT
x-content-type-options: nosniff
age: 20089
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32812
x-xss-protection: 0
last-modified: Sun, 18 Jul 2021 10:53:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Nov 2023 23:03:34 GMT

GET
DATA 200
OK truncated
/ Frame A6E6 712 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bf6f1cc70df4f9ec42f975fcd6a7f55f47c7057bc42396e024dd4cbc0252e1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A6E6 782 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f835126410711c5a06888b35b572708a9a00b5d62ec750cb0ef85ab551f5de4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A6E6 850 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c16b44b1ecda3a17493261e87af588d28b8a1ac5f5185d0c9c53d671a59b155b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A6E6 768 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff08b236f2dd340b9124c3a7e11f35c730b58e34d8ad76069efd69055bc360ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 arrow-orange.svg
tpc.googlesyndication.com/sadbundle/11931198582349353234/ Frame A6E6 716 B
442 B 50ms
49ms Image
image/svg+xml 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11931198582349353234/arrow-orange.svg

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74a71af59a4874052c8c848a6e69c612255b07f005de46ed0f5c28f28ebf5ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 23:03:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20089
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 410
x-xss-protection: 0
last-modified: Sun, 18 Jul 2021 10:53:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Nov 2023 23:03:34 GMT

GET
H3 200 logo-viavac-payoff-top-de.svg
tpc.googlesyndication.com/sadbundle/11931198582349353234/ Frame A6E6 5 KB
2 KB 48ms
47ms Image
image/svg+xml 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11931198582349353234/logo-viavac-payoff-top-de.svg

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e5d3d7a9b5f9ed6d983175c9abdd10aaf3ab8a31c6d9093d8b9fa9849ee6062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 23:03:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20089
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1616
x-xss-protection: 0
last-modified: Sun, 18 Jul 2021 10:53:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Nov 2023 23:03:34 GMT

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 5621 3 KB
3 KB 7ms
7ms Image
image/gif 2600:9000:2057:e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.47e4fd006c53c48067dd9a5876181d2d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.47e4fd006c53c48067dd9a5876181d2d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 21 Aug 2022 05:31:16 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 8550427
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 18 Aug 2022 14:28:43 GMT
server: nginx
etag: "62fe4c9b-b9b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ZCdPXuDSTxCphUtoDm30b98wq48mm3PDGq15paXYDbc4TrW6gB1udQ==
expires: Mon, 21 Aug 2023 05:31:16 GMT

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame 5621 2 KB
2 KB 7ms
7ms Image
image/png 2600:9000:2057:e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.47e4fd006c53c48067dd9a5876181d2d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.47e4fd006c53c48067dd9a5876181d2d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 20 Sep 2022 11:48:31 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 5935792
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 16 Sep 2022 08:34:41 GMT
server: nginx
etag: "63243521-6e3"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: eNqi_bjMrxB4ilAJMzrorsWknM1uHxBRRTO7KQdVYRVKWIjzLgZ5Rw==
expires: Wed, 20 Sep 2023 11:48:31 GMT

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 5621 8 KB
8 KB 8ms
7ms Font
application/octet-stream 2600:9000:2057:e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.47e4fd006c53c48067dd9a5876181d2d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.47e4fd006c53c48067dd9a5876181d2d.css
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 03 Jun 2022 22:05:41 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 15316362
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 03 Jun 2022 17:03:15 GMT
server: nginx
etag: "629a3ed3-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 7JkndQzUWORWGD7ZMx5_C_z90UAlPmeOEXe-7V8lXZcrzbE9WkrPUQ==
expires: Sat, 03 Jun 2023 22:05:41 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b677fad9adfcc6da0de4173e64ef1140.jpg
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e5f8c7da94dbc4315d01d0470150e7c4f0f374f9dabbb839865cbb79e6ea678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b677fad9adfcc6da0de4173e64ef1140.jpg
age: 591912
edge-cache-tag: 541962348419262296195861238389474620993,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
cache-tag: 541962348419262296195861238389474620993,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1037
req-referer: https://www.sohu.com/
content-length: 24898
x-request-id: f46ae4ab547afd6ed2b01407793409b6
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100097-IAD, cache-iad-kiad7000159-IAD, cache-chi-kigq8000150-CHI, cache-iad-kcgs7200022-IAD, cache-hhn4064-HHN
last-modified: Sat, 19 Nov 2022 13:34:59 GMT
server: nginx
x-timer: S1669610304.992616,VS0,VE0
etag: "e48e268f0614d97b2b68069c0ac7e23a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5b6ef510ff52de1841e42186c3496bee.png
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cdebb67912713d85a72c34f8d07e36d0f8e99a9635c4c0f0117a4918de0b7368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5b6ef510ff52de1841e42186c3496bee.png
age: 932464
edge-cache-tag: 497478157997569945712842984491422235242,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
cache-tag: 497478157997569945712842984491422235242,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 219
req-referer: https://www.auto-motor-und-sport.de/
content-length: 30774
x-request-id: aaf729e201d9126ee69840f88af01b57
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100074-IAD, cache-iad-kjyo7100167-IAD, cache-bur-kbur8200163-BUR, cache-iad-kjyo7100112-IAD, cache-hhn4064-HHN
last-modified: Wed, 16 Nov 2022 15:05:53 GMT
server: nginx
x-timer: S1669610304.992980,VS0,VE0
etag: "4fb4e2cc69ad90a0678c3687091a9c2a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 3, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6111d7bf249a10c0b63868f5ef1b429b.jpg
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dc89890d053a0c78b6feab004ed8022f5ce9ac0b2d02f2a7eea165ce47a0c8a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6111d7bf249a10c0b63868f5ef1b429b.jpg
age: 661651
edge-cache-tag: 303458090921745456915275393440792945328,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 303458090921745456915275393440792945328,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 698
req-referer: https://loanpride.com/
content-length: 24666
x-request-id: 7ce22253ef50293b3caab058467de1ba
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100066-IAD, cache-iad-kcgs7200057-IAD, cache-bur-kbur8200095-BUR, cache-iad-kjyo7100052-IAD, cache-hhn4064-HHN
last-modified: Sat, 19 Nov 2022 10:24:25 GMT
server: nginx
x-timer: S1669610304.992957,VS0,VE0
etag: "5f1b45f1455a9f60abebf1f94575b708"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0395360a740f0bd17bdb9722422492f0.jpg
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bd4aaff1e96a9abfbc048859ae187f32afa8ba2ef9f001f663d0608315980706

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0395360a740f0bd17bdb9722422492f0.jpg
age: 1174543
edge-cache-tag: 443493974545323764671730754344397401195,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 443493974545323764671730754344397401195,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 309
expiration: expiry-date="Fri, 18 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://noticiasemdia.online/
content-length: 7624
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200106-IAD, cache-iad-kjyo7100084-IAD, cache-bur-kbur8200101-BUR, cache-iad-kcgs7200139-IAD, cache-hhn4064-HHN
last-modified: Tue, 18 Oct 2022 12:12:50 GMT
server: nginx
x-timer: S1669610304.992943,VS0,VE0
etag: "f31a83afbbd9fb0fcc122773b8576453"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 6, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1f4f885a4d0354d04a63daeb319bbb91.jpg
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e2b2195e190b8792700c2151948572434f4a2d6b634f43886179f958773a6029

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 28 Nov 2022 04:38:23 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1f4f885a4d0354d04a63daeb319bbb91.jpg
age: 4612178
edge-cache-tag: 379152645637588898128759619958613499851,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 379152645637588898128759619958613499851,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 123
req-referer: https://rshrt.com/
content-length: 5708
x-request-id: f2d24ba00f9a182d13c29225656c1cd0
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200160-IAD, cache-iad-kjyo7100106-IAD, cache-lga21953-LGA, cache-iad-kcgs7200107-IAD, cache-hhn4064-HHN
last-modified: Thu, 22 Sep 2022 22:35:27 GMT
server: nginx
x-timer: S1669610304.992918,VS0,VE0
etag: "223645e3b734860091736cbb1ff9a5a6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 17, 2

GET
H3 200 user_uploaded_paneuropa_nova_500_normal.ttf
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/fonts/ Frame BBF9 97 KB
53 KB 125ms
43ms Font
font/ttf 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/fonts/user_uploaded_paneuropa_nova_500_normal.ttf

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/66da89e07e92b21fd0496518465e695d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa234b65f1550732bb16a8d35537cec3fbc429ac1341a3c2f7ece41e8792ad7e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 17:08:03 GMT
age: 41421
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54692
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 08:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Nov 2023 17:08:03 GMT

GET
H3 200 user_uploaded_paneuropa_nova_400_normal.ttf
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/fonts/ Frame BBF9 87 KB
48 KB 123ms
42ms Font
font/ttf 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/fonts/user_uploaded_paneuropa_nova_400_normal.ttf

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/66da89e07e92b21fd0496518465e695d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9efdfdfaa29a5654bebd6e14e251f942cc574102f226e615bcf97b096603b6e0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 17:08:03 GMT
age: 41421
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49243
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 08:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Nov 2023 17:08:03 GMT

GET
H3 200 user_uploaded_paneuropa_nova_700_normal.ttf
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/fonts/ Frame BBF9 96 KB
53 KB 141ms
61ms Font
font/ttf 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/fonts/user_uploaded_paneuropa_nova_700_normal.ttf

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/66da89e07e92b21fd0496518465e695d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a09b3f23ebf93d43570a012f3af125272118adeae8006c914fef1376a9e0fdc7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 17:08:03 GMT
age: 41421
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54356
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 08:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Nov 2023 17:08:03 GMT

GET
H3 200 0ef0454a381e0d493324924889958778.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/media/ Frame BBF9 31 KB
31 KB 45ms
41ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/media/0ef0454a381e0d493324924889958778.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c8c972e9ab8dc08fcd24d54058a752a36faae8b303ec5be4a29d8197e43d7f9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sun, 27 Nov 2022 17:08:03 GMT
x-content-type-options: nosniff
age: 41421
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32027
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 08:33:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Nov 2023 17:08:03 GMT

GET
H3 200 b2e1f61d6dd61e4ad49b6cc9d9dfb5b7.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/media/ Frame BBF9 3 KB
3 KB 51ms
46ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/media/b2e1f61d6dd61e4ad49b6cc9d9dfb5b7.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de9b776e2196dfdcf81dc3ca40b72a8175c8d62f14e42a6d6d8fd1b2049e986d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sun, 27 Nov 2022 17:08:03 GMT
x-content-type-options: nosniff
age: 41421
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3396
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 08:33:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Nov 2023 17:08:03 GMT

GET
H3 200 b372598ef17adfb5d420d76ab069b681.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/media/ Frame BBF9 5 KB
5 KB 52ms
47ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/media/b372598ef17adfb5d420d76ab069b681.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9429700965190154635/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16f32058f55d76f422093f0b8520aee2421088c531d2572bb81d6816ba03d3ae

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sun, 27 Nov 2022 17:08:03 GMT
x-content-type-options: nosniff
age: 41421
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4798
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 08:33:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Nov 2023 17:08:03 GMT

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/forums/141/9200/ Frame 5621 2 KB
3 KB 7ms
7ms Image
image/jpeg 2600:9000:2057:e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/forums/141/9200/avatar92.jpg?1565711189

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

62e7f4ab5a81a58de3b1ce876428c9fc3b791dca265f845ed2ca3744c2c2880f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=9to5maccom&t_i=784062%20https%3A%2F%2F9to5mac.com%2F%3Fp%3D784062&t_u=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&t_e=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&t_d=US%20version%20of%20Pegasus%20spyware%20bought%20and%20tested%20by%20the%20FBI%20-%209to5Mac&t_t=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 04 Nov 2022 01:13:46 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 2085878
x-cache: Hit from cloudfront
content-length: 2224
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Tue, 13 Aug 2019 15:46:30 GMT
server: nginx
etag: "ed939b7fe7e36b19698c76e7a429588b"
content-type: image/jpeg
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes
x-amz-cf-id: FclMaTRlochIKeMxAnCwMG4LMmidxC8Pbmj4bCikQ3_L85GdRY6eCQ==
expires: Sat, 04 Nov 2023 01:13:46 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 5621 43 B
339 B 99ms
98ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&integration=wordpress%203.0.17&load_time=868&event=init_embed&thread=8993356804&forum=9to5maccom&forum_id=1419200&imp=8t154f32om2g9t&thread_slug=us_version_of_pegasus_was_bought_and_tested_by_the_fbi_in_2019_but_never_used&user_type=anon&referrer=https%3A%2F%2F9to5mac.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true

Requested by

Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=9to5maccom&t_i=784062%20https%3A%2F%2F9to5mac.com%2F%3Fp%3D784062&t_u=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&t_e=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&t_d=US%20version%20of%20Pegasus%20spyware%20bought%20and%20tested%20by%20the%20FBI%20-%209to5Mac&t_t=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 04:38:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 59BA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

52ms
51ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H3
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Redirect headers

date: Mon, 28 Nov 2022 04:38:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 04C7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

49ms
48ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 04:38:24 GMT
expires: Mon, 28 Nov 2022 04:38:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 04:38:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 92B8 742 B
543 B 45ms
25ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V73scCFgOPxvDamJFn8ASPxvDamJFn8AUAAAAGBuIHJOYyrjwe12itGQ2Wa9HCZXMrF4vRWuawzDYO12I2XK2MQGIu48rjcY3WmtFguRYtXDa3crEYrWUOy2zjcC1mw9XKDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPoWwjF7Z3Nm0SogLTIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10-8jSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFR9CKwWB1BrQbrkaT2QEAAADc_f___-M1vitUMvfm0uqBjGuxMGw8xonLZLItNi6PYeSYGBeG1WrmsW0My-0dlf5RAf_NU_tN2GK0mkw2y-FsuZgMhqPhaLS_gRjsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCHMT38I1G4zcqpVp4RZtHMa1wjecrCUO28TkMFksNs9wLXp9TA_fyGOYuLwoGLC0F8nTIp0ojKPNyDLbLGYLy2binPk2rt1kshntlgvXbmZYWMQSzckincgu-45rsTBsPMaJy2SyLTYuj2HkmBgXhtVq5rFtDMt9b-JbuGaDkVu1Mi3coo3DuFb4hpO1xGGbmBwmi8XmGa5Fr4_p4Rt5DBOXvzGbLWeLwWYw2Tdms-VsMdgMJvsOk-mZ-pyNrunR7xF6E7vLVGZzGBQug8X7k5gW0-7s4Pn9jk6d-qUs6ozCy_foNSg8B4_q9tc5u6_r8TRd6rwHgyKWCC7Sicjpebw-b93T5HOZ3pqHzWV6nl22l9kyGPvtPtPDaTYsJ2KJ0nSRTvSSwWSyFyz2kuFe9XnLXpbP0293621uwcvn8Lw-b5nFaRFLBKeLdCJ6GU8X9R8fYriaSxabuWK1mitmy1UCAAAAAAAAAFjCnHkTAAAAgNNANsPhYLXOg9hMJqvNarkAD-oSusAgAAAAAAAAxY0fl5DT83h93rqnyecyvTUPm8v0PLtsL7NlMPbbfaaH02xYThngwWmRefNnglir1bIGAAAQwAYAAAjg1s1bQJgV_____x8HAAAgI0cPAAAgvg-k8sCFUi_8yE-Qi8Vo!&cmcv=&pix=undefined&cb=1669610304237&uv=3244&tms=1669610304237&abt=dfrc_vB!nrlc_vA!t45!ufm&ru=https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=fe8ecc54-3409-4aef-9114-fa26ca51685e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Referer: https://9to5mac.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Mon, 28 Nov 2022 04:38:24 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4064-HHN
x-timer: S1669610304.268278,VS0,VE10

GET
H2 200 sync Show response
am-match.taboola.com/ Frame CFFC 742 B
828 B 79ms
16ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V73scCFgOPxvDamJFn8ASPxvDamJFn8AUAAAAGBuIHJOYyrjwe12itGQ2Wa9HCZXMrF4vRWuawzDYO12I2XK2MQGIu48rjcY3WmtFguRYtXDa3crEYrWUOy2zjcC1mw9XKDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPoWwjF7Z3Nm0SogLTIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10-8jSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFR9CKwWB1BrQbrkaT2QEAAADc_f___-M1vitUMvfm0uqBjGuxMGw8xonLZLItNi6PYeSYGBeG1WrmsW0My-0dlf5RAf_NU_tN2GK0mkw2y-FsuZgMhqPhaLS_gRjsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCHMT38I1G4zcqpVp4RZtHMa1wjecrCUO28TkMFksNs9wLXp9TA_fyGOYuLwoGLC0F8nTIp0ojKPNyDLbLGYLy2binPk2rt1kshntlgvXbmZYWMQSzckincgu-45rsTBsPMaJy2SyLTYuj2HkmBgXhtVq5rFtDMt9b-JbuGaDkVu1Mi3coo3DuFb4hpO1xGGbmBwmi8XmGa5Fr4_p4Rt5DBOXvzGbLWeLwWYw2Tdms-VsMdgMJvsOk-mZ-pyNrunR7xF6E7vLVGZzGBQug8X7k5gW0-7s4Pn9jk6d-qUs6ozCy_foNSg8B4_q9tc5u6_r8TRd6rwHgyKWCC7Sicjpebw-b93T5HOZ3pqHzWV6nl22l9kyGPvtPtPDaTYsJ2KJ0nSRTvSSwWSyFyz2kuFe9XnLXpbP0293621uwcvn8Lw-b5nFaRFLBKeLdCJ6GU8X9R8fYriaSxabuWK1mitmy1UCAAAAAAAAAFjCnHkTAAAAgNNANsPhYLXOg9hMJqvNarkAD-oSusAgAAAAAAAAxY0fl5DT83h93rqnyecyvTUPm8v0PLtsL7NlMPbbfaaH02xYThngwWmRefNnglir1bIGAAAQwAYAAAjg1s1bQJgV_____x8HAAAgI0cPAAAgvg-k8sCFUi_8yE-Qi8Vo!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Referer: https://9to5mac.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 28 Nov 2022 04:38:24 GMT
machineid: 3408
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame D9C5 1 KB
737 B 85ms
83ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=462&height=259&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1669610304245&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=-1001676631&tz=0&viewable=true&ddast=V73scCFgOPxvDamJFn8ASPxvDamJFn8AUAAAAGBuIHJOYyrjwe12itGQ2Wa9HCZXMrF4vRWuawzDYO12I2XK2MQGIu48rjcY3WmtFguRYtXDa3crEYrWUOy2zjcC1mw9XKDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPoWwjF7Z3Nm0SogLTIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10-8jSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFR9CKwWB1BrQbrkaT2QEAAADc_f___-M1vitUMvfm0uqBjGuxMGw8xonLZLItNi6PYeSYGBeG1WrmsW0My-0dlf5RAf_NU_tN2GK0mkw2y-FsuZgMhqPhaLS_gRjsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCHMT38I1G4zcqpVp4RZtHMa1wjecrCUO28TkMFksNs9wLXp9TA_fyGOYuLwoGLC0F8nTIp0ojKPNyDLbLGYLy2binPk2rt1kshntlgvXbmZYWMQSzckincgu-45rsTBsPMaJy2SyLTYuj2HkmBgXhtVq5rFtDMt9b-JbuGaDkVu1Mi3coo3DuFb4hpO1xGGbmBwmi8XmGa5Fr4_p4Rt5DBOXvzGbLWeLwWYw2Tdms-VsMdgMJvsOk-mZ-pyNrunR7xF6E7vLVGZzGBQug8X7k5gW0-7s4Pn9jk6d-qUs6ozCy_foNSg8B4_q9tc5u6_r8TRd6rwHgyKWCC7Sicjpebw-b93T5HOZ3pqHzWV6nl22l9kyGPvtPtPDaTYsJ2KJ0nSRTvSSwWSyFyz2kuFe9XnLXpbP0293621uwcvn8Lw-b5nFaRFLBKeLdCJ6GU8X9R8fYriaSxabuWK1mitmy1UCAAAAAAAAAFjCnHkTAAAAgNNANsPhYLXOg9hMJqvNarkAD-oSusAgAAAAAAAAxY0fl5DT83h93rqnyecyvTUPm8v0PLtsL7NlMPbbfaaH02xYThngwWmRefNnglir1bIGAAAQwAYAAAjg1s1bQJgV_____x8HAAAgI0cPAAAgvg-k8sCFUi_8yE-Qi8Vo!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1322535&dpubid=238805&abtst=dfrc_vB!nrlc_vA!t45!ufm&mPre=0.033&cirf=https%3A%2F%2F9to5mac.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ae72a504da695844b72d0707ebc9d65d5336d671646ba1e4c2ad7142964537b8

Request headers

Referer: https://9to5mac.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 28 Nov 2022 04:38:24 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1453
x-cache: MISS
x-served-by: cache-hhn4064-HHN
pragma: no-cache
server: nginx
x-timer: S1669610304.268259,VS0,VE67
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://9to5mac.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ Frame D9C5 0
44 B 75ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V73scCFgOPxvDamJFn8ASPxvDamJFn8AUAAAAGBuIHJOYyrjwe12itGQ2Wa9HCZXMrF4vRWuawzDYO12I2XK2MQGIu48rjcY3WmtFguRYtXDa3crEYrWUOy2zjcC1mw9XKDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPoWwjF7Z3Nm0SogLTIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10-8jSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFR9CKwWB1BrQbrkaT2QEAAADc_f___-M1vitUMvfm0uqBjGuxMGw8xonLZLItNi6PYeSYGBeG1WrmsW0My-0dlf5RAf_NU_tN2GK0mkw2y-FsuZgMhqPhaLS_gRjsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCHMT38I1G4zcqpVp4RZtHMa1wjecrCUO28TkMFksNs9wLXp9TA_fyGOYuLwoGLC0F8nTIp0ojKPNyDLbLGYLy2binPk2rt1kshntlgvXbmZYWMQSzckincgu-45rsTBsPMaJy2SyLTYuj2HkmBgXhtVq5rFtDMt9b-JbuGaDkVu1Mi3coo3DuFb4hpO1xGGbmBwmi8XmGa5Fr4_p4Rt5DBOXvzGbLWeLwWYw2Tdms-VsMdgMJvsOk-mZ-pyNrunR7xF6E7vLVGZzGBQug8X7k5gW0-7s4Pn9jk6d-qUs6ozCy_foNSg8B4_q9tc5u6_r8TRd6rwHgyKWCC7Sicjpebw-b93T5HOZ3pqHzWV6nl22l9kyGPvtPtPDaTYsJ2KJ0nSRTvSSwWSyFyz2kuFe9XnLXpbP0293621uwcvn8Lw-b5nFaRFLBKeLdCJ6GU8X9R8fYriaSxabuWK1mitmy1UCAAAAAAAAAFjCnHkTAAAAgNNANsPhYLXOg9hMJqvNarkAD-oSusAgAAAAAAAAxY0fl5DT83h93rqnyecyvTUPm8v0PLtsL7NlMPbbfaaH02xYThngwWmRefNnglir1bIGAAAQwAYAAAjg1s1bQJgV_____x8HAAAgI0cPAAAgvg-k8sCFUi_8yE-Qi8Vo!&cmcv=&pix=31589837&cb=1669610304237&uv=3244&tms=1669610304237&abt=dfrc_vB!nrlc_vA!t45!ufm&ru=https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1669610302129.6!ts:1669610304237&mntl=1
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:24 GMT
content-length: 0
server: nginx

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/forums/141/9200/ Frame 5621 2 KB
3 KB 8ms
7ms Image
image/jpeg 2600:9000:2057:e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/forums/141/9200/avatar92.jpg?1565711189

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.0134c2cc2b1c0a38a997a53bcb09f779.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

62e7f4ab5a81a58de3b1ce876428c9fc3b791dca265f845ed2ca3744c2c2880f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=9to5maccom&t_i=784062%20https%3A%2F%2F9to5mac.com%2F%3Fp%3D784062&t_u=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&t_e=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&t_d=US%20version%20of%20Pegasus%20spyware%20bought%20and%20tested%20by%20the%20FBI%20-%209to5Mac&t_t=US%20version%20of%20Pegasus%20spyware%20was%20bought%20and%20tested%20by%20the%20FBI%20in%202019%2C%20but%20never%20used&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 04 Nov 2022 01:13:46 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 2085878
x-cache: Hit from cloudfront
content-length: 2224
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Tue, 13 Aug 2019 15:46:30 GMT
server: nginx
etag: "ed939b7fe7e36b19698c76e7a429588b"
content-type: image/jpeg
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes
x-amz-cf-id: eeZ05dskm4wHzq0o729o0tjMNe_l6fo1zEF4FxF05kJlKyrS66SXiQ==
expires: Sat, 04 Nov 2023 01:13:46 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 92B8 70 B
265 B 97ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V73scCFgOPxvDamJFn8ASPxvDamJFn8AUAAAAGBuIHJOYyrjwe12itGQ2Wa9HCZXMrF4vRWuawzDYO12I2XK2MQGIu48rjcY3WmtFguRYtXDa3crEYrWUOy2zjcC1mw9XKDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPoWwjF7Z3Nm0SogLTIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10-8jSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFR9CKwWB1BrQbrkaT2QEAAADc_f___-M1vitUMvfm0uqBjGuxMGw8xonLZLItNi6PYeSYGBeG1WrmsW0My-0dlf5RAf_NU_tN2GK0mkw2y-FsuZgMhqPhaLS_gRjsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCHMT38I1G4zcqpVp4RZtHMa1wjecrCUO28TkMFksNs9wLXp9TA_fyGOYuLwoGLC0F8nTIp0ojKPNyDLbLGYLy2binPk2rt1kshntlgvXbmZYWMQSzckincgu-45rsTBsPMaJy2SyLTYuj2HkmBgXhtVq5rFtDMt9b-JbuGaDkVu1Mi3coo3DuFb4hpO1xGGbmBwmi8XmGa5Fr4_p4Rt5DBOXvzGbLWeLwWYw2Tdms-VsMdgMJvsOk-mZ-pyNrunR7xF6E7vLVGZzGBQug8X7k5gW0-7s4Pn9jk6d-qUs6ozCy_foNSg8B4_q9tc5u6_r8TRd6rwHgyKWCC7Sicjpebw-b93T5HOZ3pqHzWV6nl22l9kyGPvtPtPDaTYsJ2KJ0nSRTvSSwWSyFyz2kuFe9XnLXpbP0293621uwcvn8Lw-b5nFaRFLBKeLdCJ6GU8X9R8fYriaSxabuWK1mitmy1UCAAAAAAAAAFjCnHkTAAAAgNNANsPhYLXOg9hMJqvNarkAD-oSusAgAAAAAAAAxY0fl5DT83h93rqnyecyvTUPm8v0PLtsL7NlMPbbfaaH02xYThngwWmRefNnglir1bIGAAAQwAYAAAjg1s1bQJgV_____x8HAAAgI0cPAAAgvg-k8sCFUi_8yE-Qi8Vo!&cmcv=&pix=undefined&cb=1669610304237&uv=3244&tms=1669610304237&abt=dfrc_vB!nrlc_vA!t45!ufm&ru=https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=fe8ecc54-3409-4aef-9114-fa26ca51685e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 28 Nov 2022 04:38:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 92B8 43 B
183 B 325ms
98ms Image
image/gif 2600:1f18:612b:4216:7c0:9dd:bfc5:265a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V73scCFgOPxvDamJFn8ASPxvDamJFn8AUAAAAGBuIHJOYyrjwe12itGQ2Wa9HCZXMrF4vRWuawzDYO12I2XK2MQGIu48rjcY3WmtFguRYtXDa3crEYrWUOy2zjcC1mw9XKDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPoWwjF7Z3Nm0SogLTIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10-8jSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFR9CKwWB1BrQbrkaT2QEAAADc_f___-M1vitUMvfm0uqBjGuxMGw8xonLZLItNi6PYeSYGBeG1WrmsW0My-0dlf5RAf_NU_tN2GK0mkw2y-FsuZgMhqPhaLS_gRjsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCHMT38I1G4zcqpVp4RZtHMa1wjecrCUO28TkMFksNs9wLXp9TA_fyGOYuLwoGLC0F8nTIp0ojKPNyDLbLGYLy2binPk2rt1kshntlgvXbmZYWMQSzckincgu-45rsTBsPMaJy2SyLTYuj2HkmBgXhtVq5rFtDMt9b-JbuGaDkVu1Mi3coo3DuFb4hpO1xGGbmBwmi8XmGa5Fr4_p4Rt5DBOXvzGbLWeLwWYw2Tdms-VsMdgMJvsOk-mZ-pyNrunR7xF6E7vLVGZzGBQug8X7k5gW0-7s4Pn9jk6d-qUs6ozCy_foNSg8B4_q9tc5u6_r8TRd6rwHgyKWCC7Sicjpebw-b93T5HOZ3pqHzWV6nl22l9kyGPvtPtPDaTYsJ2KJ0nSRTvSSwWSyFyz2kuFe9XnLXpbP0293621uwcvn8Lw-b5nFaRFLBKeLdCJ6GU8X9R8fYriaSxabuWK1mitmy1UCAAAAAAAAAFjCnHkTAAAAgNNANsPhYLXOg9hMJqvNarkAD-oSusAgAAAAAAAAxY0fl5DT83h93rqnyecyvTUPm8v0PLtsL7NlMPbbfaaH02xYThngwWmRefNnglir1bIGAAAQwAYAAAjg1s1bQJgV_____x8HAAAgI0cPAAAgvg-k8sCFUi_8yE-Qi8Vo!&cmcv=&pix=undefined&cb=1669610304237&uv=3244&tms=1669610304237&abt=dfrc_vB!nrlc_vA!t45!ufm&ru=https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=fe8ecc54-3409-4aef-9114-fa26ca51685e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:7c0:9dd:bfc5:265a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 28 Nov 2022 04:38:24 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 92B8
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7e9bc8e3-6ed6-11ed-8689-1a27ea400206&orig=video&us_privacy=1---gdpr=1&

0
98 B

76ms
16ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7e9bc8e3-6ed6-11ed-8689-1a27ea400206&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V73scCFgOPxvDamJFn8ASPxvDamJFn8AUAAAAGBuIHJOYyrjwe12itGQ2Wa9HCZXMrF4vRWuawzDYO12I2XK2MQGIu48rjcY3WmtFguRYtXDa3crEYrWUOy2zjcC1mw9XKDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPoWwjF7Z3Nm0SogLTIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10-8jSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFR9CKwWB1BrQbrkaT2QEAAADc_f___-M1vitUMvfm0uqBjGuxMGw8xonLZLItNi6PYeSYGBeG1WrmsW0My-0dlf5RAf_NU_tN2GK0mkw2y-FsuZgMhqPhaLS_gRjsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCHMT38I1G4zcqpVp4RZtHMa1wjecrCUO28TkMFksNs9wLXp9TA_fyGOYuLwoGLC0F8nTIp0ojKPNyDLbLGYLy2binPk2rt1kshntlgvXbmZYWMQSzckincgu-45rsTBsPMaJy2SyLTYuj2HkmBgXhtVq5rFtDMt9b-JbuGaDkVu1Mi3coo3DuFb4hpO1xGGbmBwmi8XmGa5Fr4_p4Rt5DBOXvzGbLWeLwWYw2Tdms-VsMdgMJvsOk-mZ-pyNrunR7xF6E7vLVGZzGBQug8X7k5gW0-7s4Pn9jk6d-qUs6ozCy_foNSg8B4_q9tc5u6_r8TRd6rwHgyKWCC7Sicjpebw-b93T5HOZ3pqHzWV6nl22l9kyGPvtPtPDaTYsJ2KJ0nSRTvSSwWSyFyz2kuFe9XnLXpbP0293621uwcvn8Lw-b5nFaRFLBKeLdCJ6GU8X9R8fYriaSxabuWK1mitmy1UCAAAAAAAAAFjCnHkTAAAAgNNANsPhYLXOg9hMJqvNarkAD-oSusAgAAAAAAAAxY0fl5DT83h93rqnyecyvTUPm8v0PLtsL7NlMPbbfaaH02xYThngwWmRefNnglir1bIGAAAQwAYAAAjg1s1bQJgV_____x8HAAAgI0cPAAAgvg-k8sCFUi_8yE-Qi8Vo!&cmcv=&pix=undefined&cb=1669610304237&uv=3244&tms=1669610304237&abt=dfrc_vB!nrlc_vA!t45!ufm&ru=https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=fe8ecc54-3409-4aef-9114-fa26ca51685e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18564

Redirect headers

Date: Mon, 28 Nov 2022 04:38:24 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7e9bc8e3-6ed6-11ed-8689-1a27ea400206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 108
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame CFFC 43 B
182 B 254ms
100ms Image
image/gif 2600:1f18:612b:4216:7c0:9dd:bfc5:265a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V73scCFgOPxvDamJFn8ASPxvDamJFn8AUAAAAGBuIHJOYyrjwe12itGQ2Wa9HCZXMrF4vRWuawzDYO12I2XK2MQGIu48rjcY3WmtFguRYtXDa3crEYrWUOy2zjcC1mw9XKDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPoWwjF7Z3Nm0SogLTIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10-8jSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFR9CKwWB1BrQbrkaT2QEAAADc_f___-M1vitUMvfm0uqBjGuxMGw8xonLZLItNi6PYeSYGBeG1WrmsW0My-0dlf5RAf_NU_tN2GK0mkw2y-FsuZgMhqPhaLS_gRjsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCHMT38I1G4zcqpVp4RZtHMa1wjecrCUO28TkMFksNs9wLXp9TA_fyGOYuLwoGLC0F8nTIp0ojKPNyDLbLGYLy2binPk2rt1kshntlgvXbmZYWMQSzckincgu-45rsTBsPMaJy2SyLTYuj2HkmBgXhtVq5rFtDMt9b-JbuGaDkVu1Mi3coo3DuFb4hpO1xGGbmBwmi8XmGa5Fr4_p4Rt5DBOXvzGbLWeLwWYw2Tdms-VsMdgMJvsOk-mZ-pyNrunR7xF6E7vLVGZzGBQug8X7k5gW0-7s4Pn9jk6d-qUs6ozCy_foNSg8B4_q9tc5u6_r8TRd6rwHgyKWCC7Sicjpebw-b93T5HOZ3pqHzWV6nl22l9kyGPvtPtPDaTYsJ2KJ0nSRTvSSwWSyFyz2kuFe9XnLXpbP0293621uwcvn8Lw-b5nFaRFLBKeLdCJ6GU8X9R8fYriaSxabuWK1mitmy1UCAAAAAAAAAFjCnHkTAAAAgNNANsPhYLXOg9hMJqvNarkAD-oSusAgAAAAAAAAxY0fl5DT83h93rqnyecyvTUPm8v0PLtsL7NlMPbbfaaH02xYThngwWmRefNnglir1bIGAAAQwAYAAAjg1s1bQJgV_____x8HAAAgI0cPAAAgvg-k8sCFUi_8yE-Qi8Vo!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:7c0:9dd:bfc5:265a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 28 Nov 2022 04:38:24 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame CFFC 70 B
264 B 30ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V73scCFgOPxvDamJFn8ASPxvDamJFn8AUAAAAGBuIHJOYyrjwe12itGQ2Wa9HCZXMrF4vRWuawzDYO12I2XK2MQGIu48rjcY3WmtFguRYtXDa3crEYrWUOy2zjcC1mw9XKDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPoWwjF7Z3Nm0SogLTIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10-8jSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFR9CKwWB1BrQbrkaT2QEAAADc_f___-M1vitUMvfm0uqBjGuxMGw8xonLZLItNi6PYeSYGBeG1WrmsW0My-0dlf5RAf_NU_tN2GK0mkw2y-FsuZgMhqPhaLS_gRjsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCHMT38I1G4zcqpVp4RZtHMa1wjecrCUO28TkMFksNs9wLXp9TA_fyGOYuLwoGLC0F8nTIp0ojKPNyDLbLGYLy2binPk2rt1kshntlgvXbmZYWMQSzckincgu-45rsTBsPMaJy2SyLTYuj2HkmBgXhtVq5rFtDMt9b-JbuGaDkVu1Mi3coo3DuFb4hpO1xGGbmBwmi8XmGa5Fr4_p4Rt5DBOXvzGbLWeLwWYw2Tdms-VsMdgMJvsOk-mZ-pyNrunR7xF6E7vLVGZzGBQug8X7k5gW0-7s4Pn9jk6d-qUs6ozCy_foNSg8B4_q9tc5u6_r8TRd6rwHgyKWCC7Sicjpebw-b93T5HOZ3pqHzWV6nl22l9kyGPvtPtPDaTYsJ2KJ0nSRTvSSwWSyFyz2kuFe9XnLXpbP0293621uwcvn8Lw-b5nFaRFLBKeLdCJ6GU8X9R8fYriaSxabuWK1mitmy1UCAAAAAAAAAFjCnHkTAAAAgNNANsPhYLXOg9hMJqvNarkAD-oSusAgAAAAAAAAxY0fl5DT83h93rqnyecyvTUPm8v0PLtsL7NlMPbbfaaH02xYThngwWmRefNnglir1bIGAAAQwAYAAAjg1s1bQJgV_____x8HAAAgI0cPAAAgvg-k8sCFUi_8yE-Qi8Vo!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 28 Nov 2022 04:38:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame CFFC
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7e9bc8e3-6ed6-11ed-8689-1a27ea400206&orig=video&us_privacy=1---gdpr=1&

0
98 B

75ms
17ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7e9bc8e3-6ed6-11ed-8689-1a27ea400206&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V73scCFgOPxvDamJFn8ASPxvDamJFn8AUAAAAGBuIHJOYyrjwe12itGQ2Wa9HCZXMrF4vRWuawzDYO12I2XK2MQGIu48rjcY3WmtFguRYtXDa3crEYrWUOy2zjcC1mw9XKDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPoWwjF7Z3Nm0SogLTIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10-8jSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFR9CKwWB1BrQbrkaT2QEAAADc_f___-M1vitUMvfm0uqBjGuxMGw8xonLZLItNi6PYeSYGBeG1WrmsW0My-0dlf5RAf_NU_tN2GK0mkw2y-FsuZgMhqPhaLS_gRjsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCHMT38I1G4zcqpVp4RZtHMa1wjecrCUO28TkMFksNs9wLXp9TA_fyGOYuLwoGLC0F8nTIp0ojKPNyDLbLGYLy2binPk2rt1kshntlgvXbmZYWMQSzckincgu-45rsTBsPMaJy2SyLTYuj2HkmBgXhtVq5rFtDMt9b-JbuGaDkVu1Mi3coo3DuFb4hpO1xGGbmBwmi8XmGa5Fr4_p4Rt5DBOXvzGbLWeLwWYw2Tdms-VsMdgMJvsOk-mZ-pyNrunR7xF6E7vLVGZzGBQug8X7k5gW0-7s4Pn9jk6d-qUs6ozCy_foNSg8B4_q9tc5u6_r8TRd6rwHgyKWCC7Sicjpebw-b93T5HOZ3pqHzWV6nl22l9kyGPvtPtPDaTYsJ2KJ0nSRTvSSwWSyFyz2kuFe9XnLXpbP0293621uwcvn8Lw-b5nFaRFLBKeLdCJ6GU8X9R8fYriaSxabuWK1mitmy1UCAAAAAAAAAFjCnHkTAAAAgNNANsPhYLXOg9hMJqvNarkAD-oSusAgAAAAAAAAxY0fl5DT83h93rqnyecyvTUPm8v0PLtsL7NlMPbbfaaH02xYThngwWmRefNnglir1bIGAAAQwAYAAAjg1s1bQJgV_____x8HAAAgI0cPAAAgvg-k8sCFUi_8yE-Qi8Vo!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18564

Redirect headers

Date: Mon, 28 Nov 2022 04:38:24 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7e9bc8e3-6ed6-11ed-8689-1a27ea400206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 89
Connection: keep-alive
Content-Length: 0

GET
H2 200 st Show response
imprammp.taboola.com/ Frame CC72 742 B
447 B 16ms
16ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7Md8CFgMLsjucSnwDNwQLsjucSnwDNwUAAAAGBuIHJDBYGFajxWgtmsxMbtFsuVpLXCPDWrUxOSeG2cS12Y2GQAKDhWE1WozWosnM5BbNlqu1xDUyrFUbk3NimE1cm91oDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPodJLUNLBLF8ZooLYIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10M8vSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFFwCrM6DdcDWazA4AAADg7v___x-v8V2hkrk3l1YPhFa7mW9jmFicI5vNsRuMLJ7JZjhZuVab4WhkWW2P5pSbfSu6Jdxvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgN8CJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgZLRybjcO51nhmK7doZdu4JZbNzC1cLIaD5cQ225g2a9HrY3r4Rh7DxOZFwYClvUieFulEMBpZbDbfarPaLQyr5ciz2m0mNsfEsrFYJq7RwiKWaE4W6UR22ZdWu5lvY5hYnCObzbEbjCyeyWY4WblWm-FoZFntO6OFY7NxONcaz2zlFq1sG7fEspm5hYvFcLCc2GYb02Yten1MD9_IY5jY_I3ZbDlbDDaDzb4xmy1ni8FmsNl3mEzP1OdsdE2Pfo_Qm9hdpjKbw6BwGSzen8S0mHZnB8_vd3Tq1C9lUWcUXr5Hr0HhOXhUt7_O2X1dj6fpUuc9GBSxRHCRTkROz-P1eeueJp_L9NY8bC7T8-yyvcyWwdhv95keTrNhORFLlKaLdKKXDCaTvWCxlwz3qs9b9rJ8nn67W29zC14-h-f1ecssTotYIjhdpBPRy3i6qP_4EMPVXLLYzBWr1VwxW64SAAAAAAAAAMAS5sybAAAAAJwGshkOB6t1HsRmMlltVssFeFCX0AUGAQAAAAAAKG78uIScnsfr89Y9TT6X6a152Fym59lle5ktg7Hf7jM9nGbDcsoAD06LzJs_E8RarZY1AACAADYAAEAAt27eAsKs-P____84AAAAGTl6AAAA8X0glQculHrhR36CXAxGAw!&cmcv=&pix=undefined&cb=1669610304403&uv=3244&tms=1669610304403&abt=aatestfgc1_vA!t45!ufm&ru=https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=00a05414-42fd-4695-b5d0-5cd9b06b5374&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Referer: https://9to5mac.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Mon, 28 Nov 2022 04:38:24 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4064-HHN
x-timer: S1669610304.404185,VS0,VE9

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 5BCF 742 B
827 B 17ms
16ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7Md8CFgMLsjucSnwDNwQLsjucSnwDNwUAAAAGBuIHJDBYGFajxWgtmsxMbtFsuVpLXCPDWrUxOSeG2cS12Y2GQAKDhWE1WozWosnM5BbNlqu1xDUyrFUbk3NimE1cm91oDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPodJLUNLBLF8ZooLYIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10M8vSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFFwCrM6DdcDWazA4AAADg7v___x-v8V2hkrk3l1YPhFa7mW9jmFicI5vNsRuMLJ7JZjhZuVab4WhkWW2P5pSbfSu6Jdxvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgN8CJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgZLRybjcO51nhmK7doZdu4JZbNzC1cLIaD5cQ225g2a9HrY3r4Rh7DxOZFwYClvUieFulEMBpZbDbfarPaLQyr5ciz2m0mNsfEsrFYJq7RwiKWaE4W6UR22ZdWu5lvY5hYnCObzbEbjCyeyWY4WblWm-FoZFntO6OFY7NxONcaz2zlFq1sG7fEspm5hYvFcLCc2GYb02Yten1MD9_IY5jY_I3ZbDlbDDaDzb4xmy1ni8FmsNl3mEzP1OdsdE2Pfo_Qm9hdpjKbw6BwGSzen8S0mHZnB8_vd3Tq1C9lUWcUXr5Hr0HhOXhUt7_O2X1dj6fpUuc9GBSxRHCRTkROz-P1eeueJp_L9NY8bC7T8-yyvcyWwdhv95keTrNhORFLlKaLdKKXDCaTvWCxlwz3qs9b9rJ8nn67W29zC14-h-f1ecssTotYIjhdpBPRy3i6qP_4EMPVXLLYzBWr1VwxW64SAAAAAAAAAMAS5sybAAAAAJwGshkOB6t1HsRmMlltVssFeFCX0AUGAQAAAAAAKG78uIScnsfr89Y9TT6X6a152Fym59lle5ktg7Hf7jM9nGbDcsoAD06LzJs_E8RarZY1AACAADYAAEAAt27eAsKs-P____84AAAAGTl6AAAA8X0glQculHrhR36CXAxGAw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Referer: https://9to5mac.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 28 Nov 2022 04:38:24 GMT
machineid: 3402
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame D241 1 KB
594 B 66ms
66ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1669610304406&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=-1541247346&tz=0&viewable=true&ddast=V7Md8CFgMLsjucSnwDNwQLsjucSnwDNwUAAAAGBuIHJDBYGFajxWgtmsxMbtFsuVpLXCPDWrUxOSeG2cS12Y2GQAKDhWE1WozWosnM5BbNlqu1xDUyrFUbk3NimE1cm91oDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPodJLUNLBLF8ZooLYIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10M8vSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFFwCrM6DdcDWazA4AAADg7v___x-v8V2hkrk3l1YPhFa7mW9jmFicI5vNsRuMLJ7JZjhZuVab4WhkWW2P5pSbfSu6Jdxvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgN8CJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgZLRybjcO51nhmK7doZdu4JZbNzC1cLIaD5cQ225g2a9HrY3r4Rh7DxOZFwYClvUieFulEMBpZbDbfarPaLQyr5ciz2m0mNsfEsrFYJq7RwiKWaE4W6UR22ZdWu5lvY5hYnCObzbEbjCyeyWY4WblWm-FoZFntO6OFY7NxONcaz2zlFq1sG7fEspm5hYvFcLCc2GYb02Yten1MD9_IY5jY_I3ZbDlbDDaDzb4xmy1ni8FmsNl3mEzP1OdsdE2Pfo_Qm9hdpjKbw6BwGSzen8S0mHZnB8_vd3Tq1C9lUWcUXr5Hr0HhOXhUt7_O2X1dj6fpUuc9GBSxRHCRTkROz-P1eeueJp_L9NY8bC7T8-yyvcyWwdhv95keTrNhORFLlKaLdKKXDCaTvWCxlwz3qs9b9rJ8nn67W29zC14-h-f1ecssTotYIjhdpBPRy3i6qP_4EMPVXLLYzBWr1VwxW64SAAAAAAAAAMAS5sybAAAAAJwGshkOB6t1HsRmMlltVssFeFCX0AUGAQAAAAAAKG78uIScnsfr89Y9TT6X6a152Fym59lle5ktg7Hf7jM9nGbDcsoAD06LzJs_E8RarZY1AACAADYAAEAAt27eAsKs-P____84AAAAGTl6AAAA8X0glQculHrhR36CXAxGAw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1322535&dpubid=238805&abtst=aatestfgc1_vA!t45!ufm&mPre=0.033&cirf=https%3A%2F%2F9to5mac.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ae72a504da695844b72d0707ebc9d65d5336d671646ba1e4c2ad7142964537b8

Request headers

Referer: https://9to5mac.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 28 Nov 2022 04:38:24 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1466
x-cache: MISS
x-served-by: cache-hhn4064-HHN
pragma: no-cache
server: nginx
x-timer: S1669610304.406688,VS0,VE60
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://9to5mac.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ Frame D241 0
43 B 15ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7Md8CFgMLsjucSnwDNwQLsjucSnwDNwUAAAAGBuIHJDBYGFajxWgtmsxMbtFsuVpLXCPDWrUxOSeG2cS12Y2GQAKDhWE1WozWosnM5BbNlqu1xDUyrFUbk3NimE1cm91oDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPodJLUNLBLF8ZooLYIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10M8vSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFFwCrM6DdcDWazA4AAADg7v___x-v8V2hkrk3l1YPhFa7mW9jmFicI5vNsRuMLJ7JZjhZuVab4WhkWW2P5pSbfSu6Jdxvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgN8CJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgZLRybjcO51nhmK7doZdu4JZbNzC1cLIaD5cQ225g2a9HrY3r4Rh7DxOZFwYClvUieFulEMBpZbDbfarPaLQyr5ciz2m0mNsfEsrFYJq7RwiKWaE4W6UR22ZdWu5lvY5hYnCObzbEbjCyeyWY4WblWm-FoZFntO6OFY7NxONcaz2zlFq1sG7fEspm5hYvFcLCc2GYb02Yten1MD9_IY5jY_I3ZbDlbDDaDzb4xmy1ni8FmsNl3mEzP1OdsdE2Pfo_Qm9hdpjKbw6BwGSzen8S0mHZnB8_vd3Tq1C9lUWcUXr5Hr0HhOXhUt7_O2X1dj6fpUuc9GBSxRHCRTkROz-P1eeueJp_L9NY8bC7T8-yyvcyWwdhv95keTrNhORFLlKaLdKKXDCaTvWCxlwz3qs9b9rJ8nn67W29zC14-h-f1ecssTotYIjhdpBPRy3i6qP_4EMPVXLLYzBWr1VwxW64SAAAAAAAAAMAS5sybAAAAAJwGshkOB6t1HsRmMlltVssFeFCX0AUGAQAAAAAAKG78uIScnsfr89Y9TT6X6a152Fym59lle5ktg7Hf7jM9nGbDcsoAD06LzJs_E8RarZY1AACAADYAAEAAt27eAsKs-P____84AAAAGTl6AAAA8X0glQculHrhR36CXAxGAw!&cmcv=&pix=31589837&cb=1669610304403&uv=3244&tms=1669610304403&abt=aatestfgc1_vA!t45!ufm&ru=https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1669610302117.5!ts:1669610304403&mntl=1
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:24 GMT
content-length: 0
server: nginx

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A6E6 2 KB
2 KB 41ms
40ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 68311
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 28 Nov 2022 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A6E6 295 B
325 B 42ms
40ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 11:55:19 GMT
x-content-type-options: nosniff
server: cafe
age: 60185
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 28 Nov 2022 11:55:19 GMT

GET
H3 200 background-970x90.jpg
tpc.googlesyndication.com/sadbundle/11931198582349353234/ Frame A6E6 32 KB
32 KB 43ms
40ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11931198582349353234/background-970x90.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cfd6bdd955ca1d54b0488e66452eeb1f37cb74cc84a60f368a66779d310fb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 23:03:34 GMT
x-content-type-options: nosniff
age: 20090
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32812
x-xss-protection: 0
last-modified: Sun, 18 Jul 2021 10:53:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Nov 2023 23:03:34 GMT

GET
H3 200 arrow-orange.svg
tpc.googlesyndication.com/sadbundle/11931198582349353234/ Frame A6E6 716 B
443 B 48ms
46ms Image
image/svg+xml 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11931198582349353234/arrow-orange.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74a71af59a4874052c8c848a6e69c612255b07f005de46ed0f5c28f28ebf5ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 23:03:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20090
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 410
x-xss-protection: 0
last-modified: Sun, 18 Jul 2021 10:53:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Nov 2023 23:03:34 GMT

GET
H3 200 logo-viavac-payoff-top-de.svg
tpc.googlesyndication.com/sadbundle/11931198582349353234/ Frame A6E6 5 KB
2 KB 48ms
46ms Image
image/svg+xml 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11931198582349353234/logo-viavac-payoff-top-de.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e5d3d7a9b5f9ed6d983175c9abdd10aaf3ab8a31c6d9093d8b9fa9849ee6062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 23:03:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20090
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1616
x-xss-protection: 0
last-modified: Sun, 18 Jul 2021 10:53:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Nov 2023 23:03:34 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame CC72 70 B
264 B 30ms
29ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7Md8CFgMLsjucSnwDNwQLsjucSnwDNwUAAAAGBuIHJDBYGFajxWgtmsxMbtFsuVpLXCPDWrUxOSeG2cS12Y2GQAKDhWE1WozWosnM5BbNlqu1xDUyrFUbk3NimE1cm91oDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPodJLUNLBLF8ZooLYIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10M8vSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFFwCrM6DdcDWazA4AAADg7v___x-v8V2hkrk3l1YPhFa7mW9jmFicI5vNsRuMLJ7JZjhZuVab4WhkWW2P5pSbfSu6Jdxvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgN8CJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgZLRybjcO51nhmK7doZdu4JZbNzC1cLIaD5cQ225g2a9HrY3r4Rh7DxOZFwYClvUieFulEMBpZbDbfarPaLQyr5ciz2m0mNsfEsrFYJq7RwiKWaE4W6UR22ZdWu5lvY5hYnCObzbEbjCyeyWY4WblWm-FoZFntO6OFY7NxONcaz2zlFq1sG7fEspm5hYvFcLCc2GYb02Yten1MD9_IY5jY_I3ZbDlbDDaDzb4xmy1ni8FmsNl3mEzP1OdsdE2Pfo_Qm9hdpjKbw6BwGSzen8S0mHZnB8_vd3Tq1C9lUWcUXr5Hr0HhOXhUt7_O2X1dj6fpUuc9GBSxRHCRTkROz-P1eeueJp_L9NY8bC7T8-yyvcyWwdhv95keTrNhORFLlKaLdKKXDCaTvWCxlwz3qs9b9rJ8nn67W29zC14-h-f1ecssTotYIjhdpBPRy3i6qP_4EMPVXLLYzBWr1VwxW64SAAAAAAAAAMAS5sybAAAAAJwGshkOB6t1HsRmMlltVssFeFCX0AUGAQAAAAAAKG78uIScnsfr89Y9TT6X6a152Fym59lle5ktg7Hf7jM9nGbDcsoAD06LzJs_E8RarZY1AACAADYAAEAAt27eAsKs-P____84AAAAGTl6AAAA8X0glQculHrhR36CXAxGAw!&cmcv=&pix=undefined&cb=1669610304403&uv=3244&tms=1669610304403&abt=aatestfgc1_vA!t45!ufm&ru=https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=00a05414-42fd-4695-b5d0-5cd9b06b5374&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 28 Nov 2022 04:38:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame CC72 43 B
182 B 192ms
99ms Image
image/gif 2600:1f18:612b:4216:7c0:9dd:bfc5:265a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7Md8CFgMLsjucSnwDNwQLsjucSnwDNwUAAAAGBuIHJDBYGFajxWgtmsxMbtFsuVpLXCPDWrUxOSeG2cS12Y2GQAKDhWE1WozWosnM5BbNlqu1xDUyrFUbk3NimE1cm91oDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPodJLUNLBLF8ZooLYIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10M8vSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFFwCrM6DdcDWazA4AAADg7v___x-v8V2hkrk3l1YPhFa7mW9jmFicI5vNsRuMLJ7JZjhZuVab4WhkWW2P5pSbfSu6Jdxvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgN8CJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgZLRybjcO51nhmK7doZdu4JZbNzC1cLIaD5cQ225g2a9HrY3r4Rh7DxOZFwYClvUieFulEMBpZbDbfarPaLQyr5ciz2m0mNsfEsrFYJq7RwiKWaE4W6UR22ZdWu5lvY5hYnCObzbEbjCyeyWY4WblWm-FoZFntO6OFY7NxONcaz2zlFq1sG7fEspm5hYvFcLCc2GYb02Yten1MD9_IY5jY_I3ZbDlbDDaDzb4xmy1ni8FmsNl3mEzP1OdsdE2Pfo_Qm9hdpjKbw6BwGSzen8S0mHZnB8_vd3Tq1C9lUWcUXr5Hr0HhOXhUt7_O2X1dj6fpUuc9GBSxRHCRTkROz-P1eeueJp_L9NY8bC7T8-yyvcyWwdhv95keTrNhORFLlKaLdKKXDCaTvWCxlwz3qs9b9rJ8nn67W29zC14-h-f1ecssTotYIjhdpBPRy3i6qP_4EMPVXLLYzBWr1VwxW64SAAAAAAAAAMAS5sybAAAAAJwGshkOB6t1HsRmMlltVssFeFCX0AUGAQAAAAAAKG78uIScnsfr89Y9TT6X6a152Fym59lle5ktg7Hf7jM9nGbDcsoAD06LzJs_E8RarZY1AACAADYAAEAAt27eAsKs-P____84AAAAGTl6AAAA8X0glQculHrhR36CXAxGAw!&cmcv=&pix=undefined&cb=1669610304403&uv=3244&tms=1669610304403&abt=aatestfgc1_vA!t45!ufm&ru=https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=00a05414-42fd-4695-b5d0-5cd9b06b5374&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:7c0:9dd:bfc5:265a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 28 Nov 2022 04:38:24 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame CC72
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7e9bc8e3-6ed6-11ed-8689-1a27ea400206&orig=video&us_privacy=1---gdpr=1&

0
98 B

85ms
16ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7e9bc8e3-6ed6-11ed-8689-1a27ea400206&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7Md8CFgMLsjucSnwDNwQLsjucSnwDNwUAAAAGBuIHJDBYGFajxWgtmsxMbtFsuVpLXCPDWrUxOSeG2cS12Y2GQAKDhWE1WozWosnM5BbNlqu1xDUyrFUbk3NimE1cm91oDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPodJLUNLBLF8ZooLYIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10M8vSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFFwCrM6DdcDWazA4AAADg7v___x-v8V2hkrk3l1YPhFa7mW9jmFicI5vNsRuMLJ7JZjhZuVab4WhkWW2P5pSbfSu6Jdxvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgN8CJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgZLRybjcO51nhmK7doZdu4JZbNzC1cLIaD5cQ225g2a9HrY3r4Rh7DxOZFwYClvUieFulEMBpZbDbfarPaLQyr5ciz2m0mNsfEsrFYJq7RwiKWaE4W6UR22ZdWu5lvY5hYnCObzbEbjCyeyWY4WblWm-FoZFntO6OFY7NxONcaz2zlFq1sG7fEspm5hYvFcLCc2GYb02Yten1MD9_IY5jY_I3ZbDlbDDaDzb4xmy1ni8FmsNl3mEzP1OdsdE2Pfo_Qm9hdpjKbw6BwGSzen8S0mHZnB8_vd3Tq1C9lUWcUXr5Hr0HhOXhUt7_O2X1dj6fpUuc9GBSxRHCRTkROz-P1eeueJp_L9NY8bC7T8-yyvcyWwdhv95keTrNhORFLlKaLdKKXDCaTvWCxlwz3qs9b9rJ8nn67W29zC14-h-f1ecssTotYIjhdpBPRy3i6qP_4EMPVXLLYzBWr1VwxW64SAAAAAAAAAMAS5sybAAAAAJwGshkOB6t1HsRmMlltVssFeFCX0AUGAQAAAAAAKG78uIScnsfr89Y9TT6X6a152Fym59lle5ktg7Hf7jM9nGbDcsoAD06LzJs_E8RarZY1AACAADYAAEAAt27eAsKs-P____84AAAAGTl6AAAA8X0glQculHrhR36CXAxGAw!&cmcv=&pix=undefined&cb=1669610304403&uv=3244&tms=1669610304403&abt=aatestfgc1_vA!t45!ufm&ru=https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=00a05414-42fd-4695-b5d0-5cd9b06b5374&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18564

Redirect headers

Date: Mon, 28 Nov 2022 04:38:24 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7e9bc8e3-6ed6-11ed-8689-1a27ea400206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 49
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 5BCF 43 B
182 B 183ms
99ms Image
image/gif 2600:1f18:612b:4216:7c0:9dd:bfc5:265a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Md8CFgMLsjucSnwDNwQLsjucSnwDNwUAAAAGBuIHJDBYGFajxWgtmsxMbtFsuVpLXCPDWrUxOSeG2cS12Y2GQAKDhWE1WozWosnM5BbNlqu1xDUyrFUbk3NimE1cm91oDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPodJLUNLBLF8ZooLYIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10M8vSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFFwCrM6DdcDWazA4AAADg7v___x-v8V2hkrk3l1YPhFa7mW9jmFicI5vNsRuMLJ7JZjhZuVab4WhkWW2P5pSbfSu6Jdxvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgN8CJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgZLRybjcO51nhmK7doZdu4JZbNzC1cLIaD5cQ225g2a9HrY3r4Rh7DxOZFwYClvUieFulEMBpZbDbfarPaLQyr5ciz2m0mNsfEsrFYJq7RwiKWaE4W6UR22ZdWu5lvY5hYnCObzbEbjCyeyWY4WblWm-FoZFntO6OFY7NxONcaz2zlFq1sG7fEspm5hYvFcLCc2GYb02Yten1MD9_IY5jY_I3ZbDlbDDaDzb4xmy1ni8FmsNl3mEzP1OdsdE2Pfo_Qm9hdpjKbw6BwGSzen8S0mHZnB8_vd3Tq1C9lUWcUXr5Hr0HhOXhUt7_O2X1dj6fpUuc9GBSxRHCRTkROz-P1eeueJp_L9NY8bC7T8-yyvcyWwdhv95keTrNhORFLlKaLdKKXDCaTvWCxlwz3qs9b9rJ8nn67W29zC14-h-f1ecssTotYIjhdpBPRy3i6qP_4EMPVXLLYzBWr1VwxW64SAAAAAAAAAMAS5sybAAAAAJwGshkOB6t1HsRmMlltVssFeFCX0AUGAQAAAAAAKG78uIScnsfr89Y9TT6X6a152Fym59lle5ktg7Hf7jM9nGbDcsoAD06LzJs_E8RarZY1AACAADYAAEAAt27eAsKs-P____84AAAAGTl6AAAA8X0glQculHrhR36CXAxGAw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:7c0:9dd:bfc5:265a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 28 Nov 2022 04:38:24 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5BCF 70 B
264 B 30ms
29ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Md8CFgMLsjucSnwDNwQLsjucSnwDNwUAAAAGBuIHJDBYGFajxWgtmsxMbtFsuVpLXCPDWrUxOSeG2cS12Y2GQAKDhWE1WozWosnM5BbNlqu1xDUyrFUbk3NimE1cm91oDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPodJLUNLBLF8ZooLYIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10M8vSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFFwCrM6DdcDWazA4AAADg7v___x-v8V2hkrk3l1YPhFa7mW9jmFicI5vNsRuMLJ7JZjhZuVab4WhkWW2P5pSbfSu6Jdxvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgN8CJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgZLRybjcO51nhmK7doZdu4JZbNzC1cLIaD5cQ225g2a9HrY3r4Rh7DxOZFwYClvUieFulEMBpZbDbfarPaLQyr5ciz2m0mNsfEsrFYJq7RwiKWaE4W6UR22ZdWu5lvY5hYnCObzbEbjCyeyWY4WblWm-FoZFntO6OFY7NxONcaz2zlFq1sG7fEspm5hYvFcLCc2GYb02Yten1MD9_IY5jY_I3ZbDlbDDaDzb4xmy1ni8FmsNl3mEzP1OdsdE2Pfo_Qm9hdpjKbw6BwGSzen8S0mHZnB8_vd3Tq1C9lUWcUXr5Hr0HhOXhUt7_O2X1dj6fpUuc9GBSxRHCRTkROz-P1eeueJp_L9NY8bC7T8-yyvcyWwdhv95keTrNhORFLlKaLdKKXDCaTvWCxlwz3qs9b9rJ8nn67W29zC14-h-f1ecssTotYIjhdpBPRy3i6qP_4EMPVXLLYzBWr1VwxW64SAAAAAAAAAMAS5sybAAAAAJwGshkOB6t1HsRmMlltVssFeFCX0AUGAQAAAAAAKG78uIScnsfr89Y9TT6X6a152Fym59lle5ktg7Hf7jM9nGbDcsoAD06LzJs_E8RarZY1AACAADYAAEAAt27eAsKs-P____84AAAAGTl6AAAA8X0glQculHrhR36CXAxGAw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 28 Nov 2022 04:38:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 5BCF
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7e9bc8e3-6ed6-11ed-8689-1a27ea400206&orig=video&us_privacy=1---gdpr=1&

0
98 B

74ms
15ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7e9bc8e3-6ed6-11ed-8689-1a27ea400206&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Md8CFgMLsjucSnwDNwQLsjucSnwDNwUAAAAGBuIHJDBYGFajxWgtmsxMbtFsuVpLXCPDWrUxOSeG2cS12Y2GQAKDhWE1WozWosnM5BbNlqu1xDUyrFUbk3NimE1cm91oDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPodJLUNLBLF8ZooLYIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10M8vSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFFwCrM6DdcDWazA4AAADg7v___x-v8V2hkrk3l1YPhFa7mW9jmFicI5vNsRuMLJ7JZjhZuVab4WhkWW2P5pSbfSu6Jdxvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgN8CJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgZLRybjcO51nhmK7doZdu4JZbNzC1cLIaD5cQ225g2a9HrY3r4Rh7DxOZFwYClvUieFulEMBpZbDbfarPaLQyr5ciz2m0mNsfEsrFYJq7RwiKWaE4W6UR22ZdWu5lvY5hYnCObzbEbjCyeyWY4WblWm-FoZFntO6OFY7NxONcaz2zlFq1sG7fEspm5hYvFcLCc2GYb02Yten1MD9_IY5jY_I3ZbDlbDDaDzb4xmy1ni8FmsNl3mEzP1OdsdE2Pfo_Qm9hdpjKbw6BwGSzen8S0mHZnB8_vd3Tq1C9lUWcUXr5Hr0HhOXhUt7_O2X1dj6fpUuc9GBSxRHCRTkROz-P1eeueJp_L9NY8bC7T8-yyvcyWwdhv95keTrNhORFLlKaLdKKXDCaTvWCxlwz3qs9b9rJ8nn67W29zC14-h-f1ecssTotYIjhdpBPRy3i6qP_4EMPVXLLYzBWr1VwxW64SAAAAAAAAAMAS5sybAAAAAJwGshkOB6t1HsRmMlltVssFeFCX0AUGAQAAAAAAKG78uIScnsfr89Y9TT6X6a152Fym59lle5ktg7Hf7jM9nGbDcsoAD06LzJs_E8RarZY1AACAADYAAEAAt27eAsKs-P____84AAAAGTl6AAAA8X0glQculHrhR36CXAxGAw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18564

Redirect headers

Date: Mon, 28 Nov 2022 04:38:24 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7e9bc8e3-6ed6-11ed-8689-1a27ea400206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 96
Connection: keep-alive
Content-Length: 0

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame BBF9 36 KB
16 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 23:08:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 23:08:48 GMT

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/32_4_4/infra/ Frame D241 721 KB
125 KB 33ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_4_4/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e184613b2edf9f00aec7b21fc8a8212849e3d9abd0e9ff96406b78e7fcdb4a0e

Request headers

Referer: https://9to5mac.com/
Origin: https://9to5mac.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-meta-mtime: 1669297975
date: Mon, 28 Nov 2022 04:38:24 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: NPVP05MX05BB7CRB
age: 312112
x-cache: HIT
x-amz-meta-ctime: 1669297976
x-amz-meta-mode: 33188
content-length: 127638
x-amz-id-2: S99QBq4o+VxWhmv/lgOb2IvADQcMFRylr2g9MCjTOwIQUIm6EtaKu+540sqlE7q08QA7HqMRH4k=
x-served-by: cache-hhn4053-HHN
last-modified: Thu, 24 Nov 2022 13:52:57 GMT
server: AmazonS3-br
x-timer: S1669610305.515887,VS0,VE0
etag: "c84f37a3a16e6b0512178f454420974e"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 68423

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_4_4/assets/css/ Frame D241 63 KB
9 KB 16ms
15ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_4_4/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 380c8dd7c2b23d5b7572ed28bb68013004e8b81fd50a43c631475afb9760f5c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-meta-mtime: 1669298069
date: Mon, 28 Nov 2022 04:38:24 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: NPVT3ZT8D4AW1EJF
age: 312113
x-cache: HIT
x-amz-meta-ctime: 1669298072
x-amz-meta-mode: 33188
content-length: 8297
x-amz-id-2: EzVlD5vhLcFfPWeDnPA1cAt5nJKDOisPFfOMXvApgc7i0I7eS0zfxQESJlkw1WhdihQSUKjNpgo=
x-served-by: cache-hhn4064-HHN
last-modified: Thu, 24 Nov 2022 13:54:33 GMT
server: AmazonS3-br
x-timer: S1669610305.500337,VS0,VE0
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 139812

POST
H2 204 bulk Show response
trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/ Frame D9C5 0
275 B 16ms
16ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/bulk?route=AM%3AAM%3AV&lti=visibility_test_2_var&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9to5mac.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Mon, 28 Nov 2022 04:38:24 GMT
via: 1.1 varnish
x-served-by: cache-hhn4064-HHN
server: nginx
x-timer: S1669610305.626412,VS0,VE10
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://9to5mac.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v14.8.8/ Frame D241 429 KB
86 KB 18ms
18ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_4_4/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: d2a438345477c284b6ea53ff812d0a29086f9b4ffeed2fb37ad2f9b574bb56f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-meta-mtime: 1666856080
date: Mon, 28 Nov 2022 04:38:24 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 4M088W55MJT4M09Q
age: 1144428
x-cache: HIT
x-amz-meta-ctime: 1666856092
x-amz-meta-mode: 33188
content-length: 87152
x-amz-id-2: q5TMmQp7gWtI29iuLX2i5NxQAZjbijP+mShKwEaHqd8CaPekDd7jdWp2UE6HroEtoWiBR0MFjms=
x-served-by: cache-hhn4064-HHN
last-modified: Thu, 27 Oct 2022 07:34:53 GMT
server: AmazonS3-br
x-timer: S1669610305.746100,VS0,VE0
etag: "dcfe04133edaa84ac4a7356299134bf2"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 72538

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 4C26 742 B
827 B 16ms
16ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7Md8CFgMLsjucSnwDNwQLsjucSnwDNwUAAAAGBuIHJDBYGFajxWgtmsxMbtFsuVpLXCPDWrUxOSeG2cS12Y2GQAKDhWE1WozWosnM5BbNlqu1xDUyrFUbk3NimE1cm91oDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPodJLUNLBLF8ZooLYIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10M8vSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFFwCrM6DdcDWazA4AAADg7v___x-v8V2hkrk3l1YPhFa7mW9jmFicI5vNsRuMLJ7JZjhZuVab4WhkWW2P5pSbfSu6Jdxvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgN8CJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgZLRybjcO51nhmK7doZdu4JZbNzC1cLIaD5cQ225g2a9HrY3r4Rh7DxOZFwYClvUieFulEMBpZbDbfarPaLQyr5ciz2m0mNsfEsrFYJq7RwiKWaE4W6UR22ZdWu5lvY5hYnCObzbEbjCyeyWY4WblWm-FoZFntO6OFY7NxONcaz2zlFq1sG7fEspm5hYvFcLCc2GYb02Yten1MD9_IY5jY_I3ZbDlbDDaDzb4xmy1ni8FmsNl3mEzP1OdsdE2Pfo_Qm9hdpjKbw6BwGSzen8S0mHZnB8_vd3Tq1C9lUWcUXr5Hr0HhOXhUt7_O2X1dj6fpUuc9GBSxRHCRTkROz-P1eeueJp_L9NY8bC7T8-yyvcyWwdhv95keTrNhORFLlKaLdKKXDCaTvWCxlwz3qs9b9rJ8nn67W29zC14-h-f1ecssTotYIjhdpBPRy3i6qP_4EMPVXLLYzBWr1VwxW64SAAAAAAAAAMAS5sybAAAAAJwGshkOB6t1HsRmMlltVssFeFCX0AUGAQAAAAAAKG78uIScnsfr89Y9TT6X6a152Fym59lle5ktg7Hf7jM9nGbDcsoAD06LzJs_E8RarZY1AACAADYAAEAAt27eAsKs-P____84AAAAGTl6AAAA8X0glQculHrhR36CXAxGAw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_4_4/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Referer: https://9to5mac.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 28 Nov 2022 04:38:24 GMT
machineid: 3406
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ Frame D241 89 KB
89 KB 8ms
7ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://9to5mac.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Mon, 28 Nov 2022 04:38:24 GMT
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: FRA6-C1
age: 2399543
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-hhn4064-HHN
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1669610305.774047,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 369E9eGR1cQMYD04HZep7gA1D3CVCUynwBDqpc1j4ltAHquWcF-3cw==
x-cache-hits: 689560

POST
H2 204 bulk Show response
trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/ Frame D241 0
275 B 16ms
16ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/bulk?route=AM%3AAM%3AV&lti=visibility_test_2_var&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9to5mac.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Mon, 28 Nov 2022 04:38:24 GMT
via: 1.1 varnish
x-served-by: cache-hhn4064-HHN
server: nginx
x-timer: S1669610305.774030,VS0,VE10
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://9to5mac.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 4C26 43 B
182 B 98ms
98ms Image
image/gif 2600:1f18:612b:4216:7c0:9dd:bfc5:265a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Md8CFgMLsjucSnwDNwQLsjucSnwDNwUAAAAGBuIHJDBYGFajxWgtmsxMbtFsuVpLXCPDWrUxOSeG2cS12Y2GQAKDhWE1WozWosnM5BbNlqu1xDUyrFUbk3NimE1cm91oDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPodJLUNLBLF8ZooLYIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10M8vSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFFwCrM6DdcDWazA4AAADg7v___x-v8V2hkrk3l1YPhFa7mW9jmFicI5vNsRuMLJ7JZjhZuVab4WhkWW2P5pSbfSu6Jdxvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgN8CJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgZLRybjcO51nhmK7doZdu4JZbNzC1cLIaD5cQ225g2a9HrY3r4Rh7DxOZFwYClvUieFulEMBpZbDbfarPaLQyr5ciz2m0mNsfEsrFYJq7RwiKWaE4W6UR22ZdWu5lvY5hYnCObzbEbjCyeyWY4WblWm-FoZFntO6OFY7NxONcaz2zlFq1sG7fEspm5hYvFcLCc2GYb02Yten1MD9_IY5jY_I3ZbDlbDDaDzb4xmy1ni8FmsNl3mEzP1OdsdE2Pfo_Qm9hdpjKbw6BwGSzen8S0mHZnB8_vd3Tq1C9lUWcUXr5Hr0HhOXhUt7_O2X1dj6fpUuc9GBSxRHCRTkROz-P1eeueJp_L9NY8bC7T8-yyvcyWwdhv95keTrNhORFLlKaLdKKXDCaTvWCxlwz3qs9b9rJ8nn67W29zC14-h-f1ecssTotYIjhdpBPRy3i6qP_4EMPVXLLYzBWr1VwxW64SAAAAAAAAAMAS5sybAAAAAJwGshkOB6t1HsRmMlltVssFeFCX0AUGAQAAAAAAKG78uIScnsfr89Y9TT6X6a152Fym59lle5ktg7Hf7jM9nGbDcsoAD06LzJs_E8RarZY1AACAADYAAEAAt27eAsKs-P____84AAAAGTl6AAAA8X0glQculHrhR36CXAxGAw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:7c0:9dd:bfc5:265a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 28 Nov 2022 04:38:24 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4C26 70 B
264 B 32ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Md8CFgMLsjucSnwDNwQLsjucSnwDNwUAAAAGBuIHJDBYGFajxWgtmsxMbtFsuVpLXCPDWrUxOSeG2cS12Y2GQAKDhWE1WozWosnM5BbNlqu1xDUyrFUbk3NimE1cm91oDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPodJLUNLBLF8ZooLYIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10M8vSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFFwCrM6DdcDWazA4AAADg7v___x-v8V2hkrk3l1YPhFa7mW9jmFicI5vNsRuMLJ7JZjhZuVab4WhkWW2P5pSbfSu6Jdxvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgN8CJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgZLRybjcO51nhmK7doZdu4JZbNzC1cLIaD5cQ225g2a9HrY3r4Rh7DxOZFwYClvUieFulEMBpZbDbfarPaLQyr5ciz2m0mNsfEsrFYJq7RwiKWaE4W6UR22ZdWu5lvY5hYnCObzbEbjCyeyWY4WblWm-FoZFntO6OFY7NxONcaz2zlFq1sG7fEspm5hYvFcLCc2GYb02Yten1MD9_IY5jY_I3ZbDlbDDaDzb4xmy1ni8FmsNl3mEzP1OdsdE2Pfo_Qm9hdpjKbw6BwGSzen8S0mHZnB8_vd3Tq1C9lUWcUXr5Hr0HhOXhUt7_O2X1dj6fpUuc9GBSxRHCRTkROz-P1eeueJp_L9NY8bC7T8-yyvcyWwdhv95keTrNhORFLlKaLdKKXDCaTvWCxlwz3qs9b9rJ8nn67W29zC14-h-f1ecssTotYIjhdpBPRy3i6qP_4EMPVXLLYzBWr1VwxW64SAAAAAAAAAMAS5sybAAAAAJwGshkOB6t1HsRmMlltVssFeFCX0AUGAQAAAAAAKG78uIScnsfr89Y9TT6X6a152Fym59lle5ktg7Hf7jM9nGbDcsoAD06LzJs_E8RarZY1AACAADYAAEAAt27eAsKs-P____84AAAAGTl6AAAA8X0glQculHrhR36CXAxGAw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 28 Nov 2022 04:38:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 4C26
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7e9bc8e3-6ed6-11ed-8689-1a27ea400206&orig=video&us_privacy=1---gdpr=1&

0
98 B

15ms
15ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7e9bc8e3-6ed6-11ed-8689-1a27ea400206&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Md8CFgMLsjucSnwDNwQLsjucSnwDNwUAAAAGBuIHJDBYGFajxWgtmsxMbtFsuVpLXCPDWrUxOSeG2cS12Y2GQAKDhWE1WozWosnM5BbNlqu1xDUyrFUbk3NimE1cm91oDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPodJLUNLBLF8ZooLYIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10M8vSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFFwCrM6DdcDWazA4AAADg7v___x-v8V2hkrk3l1YPhFa7mW9jmFicI5vNsRuMLJ7JZjhZuVab4WhkWW2P5pSbfSu6Jdxvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgN8CJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgZLRybjcO51nhmK7doZdu4JZbNzC1cLIaD5cQ225g2a9HrY3r4Rh7DxOZFwYClvUieFulEMBpZbDbfarPaLQyr5ciz2m0mNsfEsrFYJq7RwiKWaE4W6UR22ZdWu5lvY5hYnCObzbEbjCyeyWY4WblWm-FoZFntO6OFY7NxONcaz2zlFq1sG7fEspm5hYvFcLCc2GYb02Yten1MD9_IY5jY_I3ZbDlbDDaDzb4xmy1ni8FmsNl3mEzP1OdsdE2Pfo_Qm9hdpjKbw6BwGSzen8S0mHZnB8_vd3Tq1C9lUWcUXr5Hr0HhOXhUt7_O2X1dj6fpUuc9GBSxRHCRTkROz-P1eeueJp_L9NY8bC7T8-yyvcyWwdhv95keTrNhORFLlKaLdKKXDCaTvWCxlwz3qs9b9rJ8nn67W29zC14-h-f1ecssTotYIjhdpBPRy3i6qP_4EMPVXLLYzBWr1VwxW64SAAAAAAAAAMAS5sybAAAAAJwGshkOB6t1HsRmMlltVssFeFCX0AUGAQAAAAAAKG78uIScnsfr89Y9TT6X6a152Fym59lle5ktg7Hf7jM9nGbDcsoAD06LzJs_E8RarZY1AACAADYAAEAAt27eAsKs-P____84AAAAGTl6AAAA8X0glQculHrhR36CXAxGAw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17545

Redirect headers

Date: Mon, 28 Nov 2022 04:38:24 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7e9bc8e3-6ed6-11ed-8689-1a27ea400206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 57
Connection: keep-alive
Content-Length: 0

GET
BLOB 200
OK 08a83f77-fb0b-430b-bc2a-fd7716de4ea6
https://9to5mac.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://9to5mac.com/08a83f77-fb0b-430b-bc2a-fd7716de4ea6
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19261df83d5a2e7918685c5afbadb791b5b7b08cc26fa3b1739fec10876ce17c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Length: 1453
Content-Type: text/javascript

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame D9C5 254 B
696 B 7ms
6ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: 9to5mac.com
URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Mon, 28 Nov 2022 04:38:24 GMT
via: 1.1 varnish
x-amz-request-id: QQBJB95DTC5C6ET8
age: 19105
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: bGxiVQJJV6ushs+GurmdUMKcP55jXiZTni4zPfO1R2tT9H40rLWGSHO/uxS9hhOPRniEOikC9As=
x-served-by: cache-hhn4064-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1669610305.886265,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 29
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 710

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 54ms
54ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ff374afdef0b8cc9a0d2e2cc1ca99b89be995f4a69b64cd57212e6937eb81b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11334
x-xss-protection: 0

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/20278522/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
358 B

7ms
7ms

Script
application/javascript

13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:23:45 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 880
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: j0O4zqkvneTzrMhv0T5kkqVbKi5oQGOQvbLaEjadHLBW-Gm0-Rr6uw==

Redirect headers

location: /internal-c2/default/cs.js
date: Mon, 28 Nov 2022 04:38:24 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: aoILmTTnAIhYi8JEFr6dPVYrmBmOyTsCFpYiNJNqEJVc4_8E8trYqw==
x-cache: Miss from cloudfront

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 04:38:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D0A6 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9to5mac.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 28196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 20:48:29 GMT
expires: Mon, 27 Nov 2023 20:48:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A3F1 783 B
536 B 51ms
50ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5225597c6f9e0a20f331ebcb20f551283af436d85d6771946bb78f5201605e5c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EwTCilqbg5_XBIAzzK4NGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9to5mac.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-EwTCilqbg5_XBIAzzK4NGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 04:38:25 GMT
expires: Mon, 28 Nov 2022 04:38:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame D241 254 B
378 B 7ms
7ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Mon, 28 Nov 2022 04:38:25 GMT
via: 1.1 varnish
x-amz-request-id: QQBJB95DTC5C6ET8
age: 19105
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: bGxiVQJJV6ushs+GurmdUMKcP55jXiZTni4zPfO1R2tT9H40rLWGSHO/uxS9hhOPRniEOikC9As=
x-served-by: cache-hhn4064-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1669610305.098763,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 29
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 711

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame D0A6 36 KB
16 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 23:08:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 23:08:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A3F1 0
0 74ms
74ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2755455747985498&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D0A6 0
12 B 40ms
40ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4gK5Dw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 04:38:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame BC8E 28 B
54 B 56ms
56ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
X-Goog-Request-Time: 1669610305307
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/HvuVDebeKGE?playlist=VB3qb9g_Fqw,byBL1CxTTjc,gUDMQ7vzoGI,cO1qG7b8um0,tWpOeB5ViZQ,7KVvy-AmMVU,0bjvZqNLPgk,nqQkvkTZeWw,sVDs-ZdAz9g
X-YouTube-Client-Version: 1.20221120.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtlMmswX1YtNk42NCi99pCcBg%3D%3D
X-YouTube-Ad-Signals: dt=1669610302385&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C960%2C506&vis=1&wgl=true&ca_type=image&bid=ANyPxKpSb-A_Z_2L2fiq0_Tla_4-34hjBNq_stuFTqw8RxhSE8ZZ6UY9qjYT7Qnsz79QOS3XcVzzJl9wQvf5IN16A8q8mCG9jw

Response headers

date: Mon, 28 Nov 2022 04:38:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 28 Nov 2022 04:38:25 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame D9C5 3 KB
2 KB 8ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Mon, 28 Nov 2022 04:38:25 GMT
x-amz-request-id: V61E4N6NGWRZQH85
age: 1088
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: ljPcn8+9QxUU/ST0/RYP8Glf092k+yXW9clNcA7rI1THHCAI4QzrF+YmLiYfD47mQSokXXNfXQk=
x-served-by: cache-hhn4064-HHN
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1669610305.451313,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 29
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 753

GET
H2 200 / Show response
pips.taboola.com/ Frame D9C5 4 B
119 B 15ms
7ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-served-by: cache-hhn4053-HHN
date: Mon, 28 Nov 2022 04:38:25 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://9to5mac.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ Frame D9C5 0
82 B 286ms
88ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=7b7a560d-5e4a-4ca8-a782-ba6bdadbbf38-tucta7dc0be&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 28 Nov 2022 04:38:25 GMT
cache-control: no-store
server: nginx

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A6E6 42 B
64 B 83ms
83ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvX_aa-0yWW5uRKDJ9KluKwDQagF23SZ0YXUWhLF2NnkIZTBjkwVil5o32xBNfa4PR5MY46EMBqn2b9gwExbzj90Vvh5_BgHNqWPLvYh170qWy-4zXkznUOr561Ww8Wi8i-E-0gxmAnGdEHueqARkpA6jJl_w3C-wah&sai=AMfl-YQzMUZnR_mhhVNnH8gFcLTlU9e1-349GmxTmRR6kkHegRXLTygGnpkTQQ4jgupCDGZJVnQqiJUi0JWgCBkH-nNgYEUhmTKTPvpKT0ZzAUb_vKrLvwck4RS97wnj7iY&sig=Cg0ArKJSzE1y_feBqzwPEAE&cid=CAQSPADq26N9vdASV4IObco3EtCvRjYoaHyEVSBzQMFAInCbWvRf4ngZvHu_R6lN_TAyUE4xgsCMMbdtr1kooBgBIBM&id=ampim&o=315,205&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=604&tls=1604&g=100&h=100&tt=1604&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 04:38:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame D241 3 KB
1 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Mon, 28 Nov 2022 04:38:25 GMT
x-amz-request-id: V61E4N6NGWRZQH85
age: 1088
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: ljPcn8+9QxUU/ST0/RYP8Glf092k+yXW9clNcA7rI1THHCAI4QzrF+YmLiYfD47mQSokXXNfXQk=
x-served-by: cache-hhn4064-HHN
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1669610306.578983,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 29
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 754

GET
H2 200 / Show response
pips.taboola.com/ Frame D241 4 B
38 B 7ms
6ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-served-by: cache-hhn4053-HHN
date: Mon, 28 Nov 2022 04:38:25 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://9to5mac.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ Frame D241 0
82 B 428ms
87ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=34a13ca9-c36e-4e6c-b23f-811809b66c43-tucta7dc0bf&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 28 Nov 2022 04:38:25 GMT
cache-control: no-store
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2755455747985498&bg=!rK-lr-vNAAbvMpMzzzI7ACkAdvg8Wi8nVmkZm30rxdf1OWW5sU-4GhoEEXUSLVrGKy_M7ljTGDeAqwIAAACNUgAAAAJoAQeZArHXN7iPaKHGsL2uvtrb0_3gi1upBopI0Bjm4FaUqqEL7RZTwNDEm-pO3Oz5KzX0mZq7-kB2BmVZLe7rvN_Qcz4HFa5BS7O77xrUMQY1XDluj_xCpeR5cTVCVndaM9SYeQULwc7Pwkhp55gls4f30HW8kwxPm8kjyWzXL84WsDouzpgOHzrtyBOJGQQMA9SCVbKt8qaXWxz30kFIkbMPhu7n7H8YUlF5UODYRzacKWDCifuLmMLhZUMTMkT5OkJXHyLa6KtkXneKdGuJlI42TGdidXWNcz-bOf64x4T691lRi8uh5d0FRNEwYLJHwSAJOp-8vpi2GeWvlDLgePByHTmsu0THrHYUvxZ0p_aedPfCJVNnrFqkEYmV2OAlbN0WEl-3LCLDnFCP5jB0WyQ6xr4O_y0Mr26GUVIRSGDN4MXcrP1rQlUSdvLypSDI9W6JfGf2WXBVP4rEgebZht4Ju4Cwo90J3iglUw5ZFaVnK3Rv2xKOsMxqMzES49gnFrr6-vB3YvXdqIL0cWYeGNDmzEBECmkIPhWkE9PFA_X0gt-nXUt1wDtmYXnVxPXQlkGROVUYeEE8xsYwy4Mc1ORozlXP_H794lAnfEle2w923R4paRBa2I2MVf0jeDu9bXkhCI6eT5sN9UIx9nRQOr60tuR3B4KVloHBAao45NoO39bULAD48zSOLS57Y_ilk_2ZdvjOi8tbCw9ylxHg63R-Pj6sV82DnzD1yiskDIWl-_gFj1tF-7bLh81fUTGKWHwGs5O1V_GMNTprYKAYETaAR1Bc5rxwiF6sO6C27yTZI5KGL3uYxZSF1yDVl45vQpHFhRIsbeq0P7qBtzwWFFldm6iLSud41F9sySqXRs2ZrbsKvK6Ox3_s1-fOLoTbpjG-pkwy9UbZvCSK_Qey4jKQjjKowg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5mac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

POST
H2 204 e
1x1.a-mo.net/ 0
112 B 439ms
109ms Ping
text/plain 3.224.119.28

General

Check archive.org

Show headers Download Go to

Full URL: https://1x1.a-mo.net/e
Requested by: Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/adapter.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.119.28 -, , ASN (),
Reverse DNS
Software: MonetEngine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9to5mac.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 28 Nov 2022 04:38:29 GMT
cache-control: max-age=0, private, must-revalidate
server: MonetEngine

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame D241 1 KB
783 B 67ms
67ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1669610309820&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1488&pt=631909898&tz=0&viewable=true&ddast=V7Md8CFgMLsjucSnwDNwQLsjucSnwDNwUAAAAGBuIHJDBYGFajxWgtmsxMbtFsuVpLXCPDWrUxOSeG2cS12Y2GQAKDhWE1WozWosnM5BbNlqu1xDUyrFUbk3NimE1cm91oDTloOh0-171eOfq71g6PXeN3-yWDyWQvWOwlw73q85a9LJ-n3-7W29yCl8_heX3eMovTLwcAAACAh____38IAAAAgAgAAAAACQAAAACKgIp_C4ELAAAAAIz___9_DQAoDgz5m44uu8V1-Rn0FoPIZTmIHq6Ly_IPAAAAABAAAAAAEoAB0uoSAAqXk5P__________5gB-swbmf____8bgx6ABx-AByEAAICPodJLUNLBLF8ZooLYIkYAAAAAudWbqUeTOqGyqPr__--3ArgCAAgg5D10M8vSHZR4CwMAACAQa3xXqGTuzaUdW6CHxe83O-wav9tl__________9m_2f_aEJFXClpQSIUe2q_gAAAa7-AAABs6gYA8CYAF3IUaDodPte9Xjn6u9YOj13jd_tFFwCrM6DdcDWazA4AAADg7v___x-v8V2hkrk3l1YPhFa7mW9jmFicI5vNsRuMLJ7JZjhZuVab4WhkWW2P5pSbfSu6Jdxvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgN8CJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJgZLRybjcO51nhmK7doZdu4JZbNzC1cLIaD5cQ225g2a9HrY3r4Rh7DxOZFwYClvUieFulEMBpZbDbfarPaLQyr5ciz2m0mNsfEsrFYJq7RwiKWaE4W6UR22ZdWu5lvY5hYnCObzbEbjCyeyWY4WblWm-FoZFntO6OFY7NxONcaz2zlFq1sG7fEspm5hYvFcLCc2GYb02Yten1MD9_IY5jY_I3ZbDlbDDaDzb4xmy1ni8FmsNl3mEzP1OdsdE2Pfo_Qm9hdpjKbw6BwGSzen8S0mHZnB8_vd3Tq1C9lUWcUXr5Hr0HhOXhUt7_O2X1dj6fpUuc9GBSxRHCRTkROz-P1eeueJp_L9NY8bC7T8-yyvcyWwdhv95keTrNhORFLlKaLdKKXDCaTvWCxlwz3qs9b9rJ8nn67W29zC14-h-f1ecssTotYIjhdpBPRy3i6qP_4EMPVXLLYzBWr1VwxW64SAAAAAAAAAMAS5sybAAAAAJwGshkOB6t1HsRmMlltVssFeFCX0AUGAQAAAAAAKG78uIScnsfr89Y9TT6X6a152Fym59lle5ktg7Hf7jM9nGbDcsoAD06LzJs_E8RarZY1AACAADYAAEAAt27eAsKs-P____84AAAAGTl6AAAA8X0glQculHrhR36CXAxGAw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1322535&dpubid=238805&abtst=aatestfgc1_vA!t45!ufm_vA&mPre=0.033&cirf=https%3A%2F%2F9to5mac.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ae72a504da695844b72d0707ebc9d65d5336d671646ba1e4c2ad7142964537b8

Request headers

Referer: https://9to5mac.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 28 Nov 2022 04:38:29 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1447
x-cache: MISS
x-served-by: cache-hhn4064-HHN
pragma: no-cache
server: nginx
x-timer: S1669610310.820630,VS0,VE60
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://9to5mac.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2F9to5mac.com&pubid=fee31bcb-d8b7-4565-8a5b-b1097e207e11

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
9to5mac.com/2022/01/28/us-version-of-pegasus-fbi	1969-12-31 23:59:59	Name: Value: test
.9to5mac.com/	1970-01-20 07:46:52	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/%22%2C%22sref%22:%22%22%2C%22sts%22:1669610301613%2C%22slts%22:0}
.9to5mac.com/	1970-01-20 17:16:14	Name: _parsely_visitor Value: {%22id%22:%22pid=1d6f0ea6927d2baddcc282a240d4bbf1%22%2C%22session_count%22:1%2C%22last_session_ts%22:1669610301613}
.prebid.a-mo.net/	1970-01-20 16:32:26	Name: __amc Value: 1_1669610301_1669610301
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: f0VXg7vmS2U
.youtube.com/	1970-01-20 12:06:02	Name: VISITOR_INFO1_LIVE Value: e2k0_V-6N64
.9to5mac.com/	1970-01-20 17:22:50	Name: _ga_J70SYZBTQ7 Value: GS1.1.1669610302.1.0.1669610302.0.0.0
.google.com/	1970-01-20 12:10:21	Name: NID Value: 511=ATJ1Q7AROHkYtEhLEfqq3NMAdK4bKUH64CSHIhgWrEquptkndWrVPyrv1dzov0tH_OtI67XE9sPE--by4wRWrFBvbvtb82FOJnQjJKG0uFpR-YAVI46yGvA0_wI6rq3pO1Kcbr0QM1l6yqcpO2EHprH3FX1gfjfV6t96Be2ZiWg
.quantserve.com/	1970-01-20 17:17:04	Name: mc Value: 63843b3e-4a2f2-b2edb-0d95c
.9to5mac.com/	1970-01-20 17:11:19	Name: __qca Value: P0-2115403895-1669610301963
.doubleclick.net/	1970-01-20 17:08:26	Name: IDE Value: AHWqTUny0bEwOQcYm1Umm3HV93vhdAURBOx6JX7ohFwrtDjUzRIcJJAJyyqOAOeMtr4
.9to5mac.com/	1970-01-20 17:08:26	Name: __gads Value: ID=8e2da7e15370754c:T=1669610302:S=ALNI_MajSbWqma_AgOKZn1u9cnIXwkY5HA
.9to5mac.com/	1970-01-20 17:08:26	Name: __gpi Value: UID=00000b8938466e46:T=1669610302:RT=1669610302:S=ALNI_MaxxkcaBgwz0vWAItqPHXsehsf6XQ
.9to5mac.com/	1970-01-20 07:46:53	Name: AMP_TOKEN Value: %24NOT_FOUND
.9to5mac.com/	1970-01-20 17:22:50	Name: _ga Value: GA1.2.2015005901.1669610302
.9to5mac.com/	1970-01-20 07:48:16	Name: _gid Value: GA1.2.135320734.1669610303
.9to5mac.com/	1970-01-20 07:46:50	Name: _gat_UA-1493547-1 Value: 1
.doubleclick.net/	1970-01-20 07:46:51	Name: test_cookie Value: CheckForPermission
9to5mac.com/	1970-01-20 16:32:26	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D34a13ca9-c36e-4e6c-b23f-811809b66c43-tucta7dc0bf
.doubleclick.net/	1970-01-20 07:46:53	Name: DSID Value: NO_DATA
.spotxchange.com/	1970-01-20 08:27:09	Name: audience Value: 7e9bc8e3-6ed6-11ed-8689-1a27ea400206
9to5mac.com/	1970-01-20 16:32:26	Name: _ga_betauid Value: %5B%22eb12781c-f716-e000-0641-146276d7341d%22%2C%22n3%22%2C%222fkssfyieo753rcr2j%22%5D

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dmx.districtm.io/b/v1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/ Message: Refused to execute script from 'https://api.viglink.com/api/sync.js?key=c1c7d488bb2df8a8b659d5d41634d304' because its MIME type ('image/gif') is not executable.
javascript	error	URL: https://9to5mac.com/2022/01/28/us-version-of-pegasus-fbi/ Message: Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2F9to5mac.com&pubid=fee31bcb-d8b7-4565-8a5b-b1097e207e11' from origin 'https://9to5mac.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2F9to5mac.com&pubid=fee31bcb-d8b7-4565-8a5b-b1097e207e11 Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2445248216782983&output=html&h=280&adk=3246872700&adf=2913659956&pi=t.aa~a.2541912099~i.23~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1669610302&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3052664160&ad_type=text_image&format=750x280&url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669610302400&bpp=2&bdt=1110&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9ad828b4d41e20c-22bb1aaca2d7006d%3AT%3D1669610302%3ART%3D1669610302%3AS%3DALNI_MbOy6QidpBlPnM1YpmLB0Vkbt_eeg&gpic=UID%3D00000b89384f255c%3AT%3D1669610302%3ART%3D1669610302%3AS%3DALNI_MYELYBknU-K_PN5sqRvCj-7_ilClQ&prev_fmts=0x0%2C336x280&nras=2&correlator=47243702042&frm=20&pv=1&ga_vid=2015005901.1669610302&ga_sid=1669610302&ga_hid=130576104&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2533&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770880%2C31070950&oid=2&pvsid=2755455747985498&tmod=1289237708&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=JTW0cDYYxb&p=https%3A//9to5mac.com&dtd=52 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/9429700965190154635/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2445248216782983&output=html&h=280&adk=3246872700&adf=2913659956&pi=t.aa~a.2541912099~i.23~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1669610302&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3052664160&ad_type=text_image&format=750x280&url=https%3A%2F%2F9to5mac.com%2F2022%2F01%2F28%2Fus-version-of-pegasus-fbi%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669610302400&bpp=2&bdt=1110&idt=2&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9ad828b4d41e20c-22bb1aaca2d7006d%3AT%3D1669610302%3ART%3D1669610302%3AS%3DALNI_MbOy6QidpBlPnM1YpmLB0Vkbt_eeg&gpic=UID%3D00000b89384f255c%3AT%3D1669610302%3ART%3D1669610302%3AS%3DALNI_MYELYBknU-K_PN5sqRvCj-7_ilClQ&prev_fmts=0x0%2C336x280&nras=2&correlator=47243702042&frm=20&pv=1&ga_vid=2015005901.1669610302&ga_sid=1669610302&ga_hid=130576104&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2533&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770880%2C31070950&oid=2&pvsid=2755455747985498&tmod=1289237708&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=JTW0cDYYxb&p=https%3A//9to5mac.com&dtd=52 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/9429700965190154635/index.html".
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
38e7dc5ccb2953c81d671a2cfae4782c.safeframe.googlesyndication.com
9to5mac-com.videoplayerhub.com
9to5mac.com
9to5maccom.disqus.com
aax-dtb-cf.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
am-match.taboola.com
am-vid-events.taboola.com
ampcid.google.com
ampcid.google.de
ap.lijit.com
api.btloader.com
api.viglink.com
assets.a-mo.net
btloader.com
c.amazon-adsystem.com
c.disquscdn.com
cdn.9to5terminal.com
cdn.ampproject.org
cdn.parsely.com
cdn.taboola.com
cdn.viglink.com
cds.taboola.com
contributor.google.com
d35xxde4fgg0cx.cloudfront.net
d3div1mtym39ic.cloudfront.net
disqus.com
dmx.districtm.io
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
i0.wp.com
ib.adnxs.com
images.taboola.com
imprammp.taboola.com
jnn-pa.googleapis.com
match.adsrvr.org
nineto5mac-d.openx.net
p1.parsely.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel.quantserve.com
pixel.wp.com
prebid.a-mo.net
referrer.disqus.com
region1.google-analytics.com
rules.quantcount.com
sb.scorecardresearch.com
secure.gravatar.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.doubleclick.net
stats.g.doubleclick.net
stats.wp.com
sync-t1.taboola.com
sync.search.spotxchange.com
taboola-supply-partners.tremorhub.com
tempest.services.disqus.com
tpc.googlesyndication.com
trc.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
c.amazon-adsystem.com
dmx.districtm.io
108.138.4.150
13.32.105.95
13.32.121.37
130.211.23.194
141.226.224.32
141.226.228.48
142.250.185.198
143.204.215.42
147.75.85.234
151.101.193.44
151.101.64.134
18.66.100.58
185.89.211.132
185.94.180.126
192.0.66.2
192.0.76.3
192.0.77.2
199.232.196.134
199.232.196.64
2001:4860:4802:34::36
216.52.2.39
2600:1f18:612b:4216:7c0:9dd:bfc5:265a
2600:9000:2057:e00:6:8656:f5c0:93a1
2600:9000:223c:b800:6:44e3:f8c0:93a1
2600:9000:236e:8000:9:674:7440:21
2600:9000:238c:8600:11:1ed0:3900:21
2606:4700:20::681a:246
2606:4700:20::681a:78b
2606:4700:20::681a:832
2606:4700::6813:9e13
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:801::200e
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
2a00:1450:4001:806::200e
2a00:1450:4001:809::2003
2a00:1450:4001:809::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:811::200a
2a00:1450:4001:812::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:400c:c00::9b
2a04:fa87:fffe::c000:4902
2a06:98c1:3120::3
3.224.119.28
34.246.116.247
34.98.64.218
35.71.131.137
63.34.81.234
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04fa2e9a070cb3f87a207eedd4c74838fae5ac1d224707e4b1cba8f4421e314d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b3cf9af12ee8508f16a0585a505d12a48bd7276a31d0f7e642a6bb5e82e1eaf
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
11a3e2f84a2f9d98bfc3a089636bc2740572f27b94ef649b6a56c6432ba5af95
16f32058f55d76f422093f0b8520aee2421088c531d2572bb81d6816ba03d3ae
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185b37f6935a30be6a5e613ef0f18ca43622a0a62964e1ed88f8bd96c03830d6
19261df83d5a2e7918685c5afbadb791b5b7b08cc26fa3b1739fec10876ce17c
19ddbae80f8d0be759f52ce9dd6245357a62563ce38c0d3f6523e99e129b862f
1ab973046df6d5692dfbc9c864f976ee25380267873769f28b05f32ba8e5363d
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1b2401dd51e8144cf88fb66c50a6c9c4433f9acbce7ad8743c51d1b622e999fd
1cadfa9c7248977a33b70cfbed2a03067cc7b762cfcdabbc7d9d0a3fcad833d3
1deaa03f122134171a83e1be4317c847d083806c424b5f431ff0b1c3bb651bd6
2030e2b8ffa334e545c8af970cba4ac72273d859231902bc17edb82588be3dcc
219b9234c7b8a7203fc4d4a7cee4b740f25fbaa0e3fd34ebc4b64e105197e508
227a089e91ccdb0082148dc873094818a67983e1fe3fa5dcff80d4c61ec7df24
22828b6af3451e20f7a5c4945df06b88ffb09ae9e827ba5cfa3223e0ef214825
275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00
2aa5622bdc7932f26223cce75ec9cacaf737827e9ca5dcfa4eb2790021df9e71
2bd1f0ef5089a56583e6f712d0ff2084236d1659e68118b62b614913a6019c09
2e4d08fe871a7738aa3b3dcb95cfbd0e071765fcc681d17e37f12cd34b443066
30403bfa0ebd552a8a5bfa6edcba8504fba7aeed2825a4e1ee927e94b605e221
3147244e402afe8b4aae6b0fd084ae90551a150fb3d5b18f081805765e479197
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
34f1c145f84b4de1df562f9dd8906a0d8acf2ec67ce25e258f85e10dd0def9e1
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
380c8dd7c2b23d5b7572ed28bb68013004e8b81fd50a43c631475afb9760f5c8
3a7c8566662967d066c0faf5c095f2599840173f1c4ea6fce45ef03a1877b294
3cf0b0d4b66dafe8eec123936408cdcce3cf8f4d98304465e0cf1ad80c0ed21b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3ee4f2a4218bc45f0b21dc634b098a40fcbd6a52801e84e0addd47dddf91ae22
3f967f046fa64a3078439c0062934126f61d930323ffce8f4f9b630d3dfd4a62
3faed0c129699bd6194b26b18305d3d7dac9de24f42d67478b6e5301b58b65fc
4136ce48fe46a8abc46955ba0309afb0a2e0f8446750d4916b0b0340d594d6ff
442d89f52e547c09e65138356e0500d4d34f44d43177425ba08050c0f32bd011
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46eb3539529b6b215b75da8fe55ac247a1ab47d3f84ae1a27dd12b6d5fdbec1a
47f42fff67620f64a31667e6cc4151247a20660561d01065a852699f57877311
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a5ae3078cab372da6ae6921c496416e27226b65572165603f029ae4dfbf5e34
4b4363a8c3d40f6eeab66f1afc7aafb0335cfbf44ba6a24648db49bbe66e6144
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4faddca038ae675c1f5d2b56a33d014ca00c52fb03a8e94bb67e8b0527b94913
509e5acf0b7b0ec6f47344db8156e6a61efc34e1c52e6c8908495e086615003b
5225597c6f9e0a20f331ebcb20f551283af436d85d6771946bb78f5201605e5c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59b4588816ca9e84d8033925306d2f62e55a2e9e3ca96352256c82aa06f825cd
5a1ebd3744235569a13687de1e99a1bd43618fea41b5da60ea8adecf28669bdd
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5bc42315677c2770b0f898da48d2a4cd35aeaf1d38659fd93abe1ee1611d8481
5d84e8c5853347349ceb41d356393ffcffb54de397aa23ccbad73f7970e2e20a
5e5f8c7da94dbc4315d01d0470150e7c4f0f374f9dabbb839865cbb79e6ea678
5fe75d0fb01c62e14b75d418f8e5bb6e413e49610f564e90248669d7e3513403
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d7063193d6e769104780b14db028cc0a725a4e074ffd59711fcd054c800795
62e7f4ab5a81a58de3b1ce876428c9fc3b791dca265f845ed2ca3744c2c2880f
667875e96abe467776ed6bfd14a9227bb6a87bff91afc20c5024bdb1755e4709
693207359889a0d99c229602edd633a2c208119ca6d04d7e9e67ac2a79651a3f
6c8c972e9ab8dc08fcd24d54058a752a36faae8b303ec5be4a29d8197e43d7f9
6cb4e5459b8592b083b9ad65323531f8bef596f9f1175adfd98c8bcdb05f91b7
6cfd6bdd955ca1d54b0488e66452eeb1f37cb74cc84a60f368a66779d310fb13
6d1a652f60bf21f11bfa09dbc8cee82673824c21dec2b21d007e413be0dd2904
6ed02d42bcd8f9ebc716a2cba9309cd84c560441c9966cda1d04a9a196d114a0
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
6ff374afdef0b8cc9a0d2e2cc1ca99b89be995f4a69b64cd57212e6937eb81b0
710e47a70d74095da5e70e8acb621a070ba668809cb3624e40e6b4c6103c2cba
72df2525cbf95018eb83447b72cee293689e8ac2ef07cf99b81804e499fb8139
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74a71af59a4874052c8c848a6e69c612255b07f005de46ed0f5c28f28ebf5ea9
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086
7bf6f1cc70df4f9ec42f975fcd6a7f55f47c7057bc42396e024dd4cbc0252e1b
7e5d3d7a9b5f9ed6d983175c9abdd10aaf3ab8a31c6d9093d8b9fa9849ee6062
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82d40970930db6c817dec206c7e591251703de197e4d94c7ceb7f60effa70f4e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8471dc315d0e39f671ae55d2b85ae658ab38d7ee9eac6839bd07eb6243a0da0b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f0ba0f89aacc80428c7ccb9a0bc87a2ab4d7cf7149a8056bd74a53e4a2f036
8527e38c62e1e1e7ca60a5588a8a74ef66459bc12ad63ecef990edd35d6355ce
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
876bfa3757fa1284033751b480be6f5a014d9587431448f02943c07201e62ec5
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3
87d200b2913e86f1402caa9485683207064daaa4ffa44edc2e91f9164e04fa38
89a4fc67baf6e7de5d22417727ecf6fedd2f250e895439da6c481845f8594fc0
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a88ee757d12bf1d417693d6603ed611a28fd3a1e62ecea097efbef7da66f524
8bfeca6ea4b8303c8049e80d773e66416968e2a1efa35024324a113493edce6b
8c5fa2b9ec22342d8d82f49a68e465f84abdf68da3dbb790d15ad81303f977c6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
912d088e94b69faf48d020bf5473bcbf695060e07fee92cc62d5c3370a6a788f
9215e17df92fe30d4f82d37a1c2a592060840e4534501aa62ee3b8295c02dbaa
96f3b885965ded818806762fde9e7a2dba777005f479d30a6496af7aebbd5ea5
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
97adbdf3f7638eb423844ad954304ea74e5a6f8181d661c506c8f916f28914e8
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9efdfdfaa29a5654bebd6e14e251f942cc574102f226e615bcf97b096603b6e0
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09b3f23ebf93d43570a012f3af125272118adeae8006c914fef1376a9e0fdc7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
aa234b65f1550732bb16a8d35537cec3fbc429ac1341a3c2f7ece41e8792ad7e
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
ae72a504da695844b72d0707ebc9d65d5336d671646ba1e4c2ad7142964537b8
aead9e7fa3c7aafc40d641ddf77f2398689da4579ff2569ebb16d6e7ba43c4a8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0df4d607500f22c2ab2cca5a36c2a787f28bbcd36c3d284a78a671ddace7ccd
b1494dd1cd32470f947e2b9bea9a0e9955b1d688b1cdc9d16d64b3e48347f1f0
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
b1c32c7964c0e37873b3e92963ada17ab49f3a4d53329a0235cedd4d0c6afc23
b395a9adbc18174a906ebe2c585487fc17c24c5a6976b8f4e1b67cc7cb0ba804
b424ff82179a0fa8d39abff6831a81dda88f13199d5cf75983ed463d2c7fbe6d
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b47e5ab37362998b55b8d8eddca591867a23f45f2d8169f07e0d908463cd375c
b483206df30c8cb8addb6e9444130ccd46311971a3b896e3cde1127cd146ccae
b51a795671380c9b4dc816b657dd48c2653b1d9f99944984cf85306f195dbb76
b63ed4c3792f6acb0b70a6083ad090bbac092cfcf021106be33f5f73690363e4
b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
bd4aaff1e96a9abfbc048859ae187f32afa8ba2ef9f001f663d0608315980706
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da
bdfa3d92287fdb3bb869f96fe21b3866f5fb913f66e0daf3149e0765496c74d5
c16b44b1ecda3a17493261e87af588d28b8a1ac5f5185d0c9c53d671a59b155b
c2995690e9dfac900bebef6d09af2b89ddaa8a699ad19a0339d2938171b2d1ba
c3b730c64c44e77c40ebc8d01c3a380570b802f6f61f271d716c387991635b0f
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c49ead6cf8abfb76c0244bc9e907f147995a5b2b48e58586ce7d3e9d0e39e9fb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc030adabd4fa29e51fa09d90dac1075a62bbc57183f1f35475b78a99a8db1dc
ccdb4f9af6f32b53e02ae440bff95717369c92d864cbdceb54f5f5aff5ef17dc
cd95ed1dc6e84cac53ee409bfe80e6a985e0efbba98dcba010a5bf2b76fdd2f3
cdebb67912713d85a72c34f8d07e36d0f8e99a9635c4c0f0117a4918de0b7368
cdfcad537954cef5f6f28df06ecf68ab0e1914d74950e5cd1f8595d0e97ba3a4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d2a438345477c284b6ea53ff812d0a29086f9b4ffeed2fb37ad2f9b574bb56f7
d2e80a311955d577652a5117b6e2e03781256c09a60859065f88f02b9edb819c
d34c38d26434ae7eb5e6c35db3038c1365c838952713ac97d2f2f1e82f3a8750
d4966678ef68d93add07ae12f2ac8fae8a7a411ddc854f66a046b232445e4cec
d51d831b072e1efe86dadd611955d5894b1c544fded82458848ecc78eed02272
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d99c54706e25070dbe3551052474c0ea16b30bc5ed0cd908ae0cbbf903723706
da8e1a89b08797ffa3c4df6796414e871f84cbe8191fb6d5f2374e88b116f0d2
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dc89890d053a0c78b6feab004ed8022f5ce9ac0b2d02f2a7eea165ce47a0c8a0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9b776e2196dfdcf81dc3ca40b72a8175c8d62f14e42a6d6d8fd1b2049e986d
e184613b2edf9f00aec7b21fc8a8212849e3d9abd0e9ff96406b78e7fcdb4a0e
e2b2195e190b8792700c2151948572434f4a2d6b634f43886179f958773a6029
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5958b8a9d0305d805f41bae7c315e34e46b76a1bab8f530b5cf9711a6e45862
e839334d0e108c9d68da2108e439b261d77a141849de189bf5fbf9495a604e45
e9008fe282850688d5c8544707e9d97ff6d737ee6791afc1d60448750a451b0a
eb616d9de902dde2d730bad73bcc366c829be77728dbbc56ad688eaf272380d3
ec73e6c8b232edb8ac26d73666a51dab8d0f1aaf377f03d8cc8ccad3016dcfe1
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eea1bc2b2eed432feaa23056be7d9d14425b94c8f4ffff8bdaca7b79a697158b
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04600ca36e8aa20c4f523cbc176165c79a0e84f13daf2969f6f58b6e56eea8e
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f403f0d0b079edc5d905f0809df0e2d4cef9d8421a53795fbb8c797f665bc7e7
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855
f4a61c0b2a8f265a0a2fe29e8d8cf6af9314325fc6a18ab6d4dfd2c1c2367071
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f835126410711c5a06888b35b572708a9a00b5d62ec750cb0ef85ab551f5de4b
f8a51b511d6007123269ee7263eea99141218ad282d7f66471e6fc4d35f49310
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc04012ffaeb218a2a0d95ed2da41d7f479170c4ed21055d377b467f6969427f
fc8a74cc1c2bd638de7ac7e7cdb1839c18dd964fedbcf22697b882238245b97a
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff08b236f2dd340b9124c3a7e11f35c730b58e34d8ad76069efd69055bc360ae
ff41638e427ea9c796df6097be56a8d87998e40e755f5f9655232ceae785181a

9to5mac.com Open in urlscan Pro 192.0.66.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

301 Requests

96 %HTTPS

59 %IPv6

37 Domains

76 Subdomains

60 IPs

5 Countries

6514 kBTransfer

15889 kBSize

22 Cookies

26 Outgoing links

Redirected requests

301 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

9to5mac.com Open in urlscan Pro
192.0.66.2 Public Scan

Screenshot
Live screenshot

Full Image

301
Requests

96 %
HTTPS

59 %
IPv6

37
Domains

76
Subdomains

60
IPs

5
Countries

6514 kB
Transfer

15889 kB
Size

22
Cookies

301 HTTP transactions
14 data transactions