www.bnnbloomberg.ca Open in urlscan Pro
23.217.175.140 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Submission: On November 28 via api (November 28th 2021, 6:11:30 am UTC) from GB — Scanned from CA

Summary HTTP 370 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 88 IPs in 4 countries across 69 domains to perform 370 HTTP transactions. The main IP is 23.217.175.140, located in New York, United States and belongs to AKAMAI-AS, US. The main domain is www.bnnbloomberg.ca.
TLS certificate: Issued by Entrust Certification Authority - L1K on August 2nd 2021. Valid for: a year.

This is the only time www.bnnbloomberg.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	23.217.175.140 23.217.175.140	16625 (AKAMAI-AS) (AKAMAI-AS)
2 18	23.217.28.32 23.217.28.32	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2600:1400:d:5... 2600:1400:d:586::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
22	23.52.163.40 23.52.163.40	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.19.149.54 104.19.149.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 13	23.52.162.21 23.52.162.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:21d... 2600:9000:21da:bc00:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
12	23.204.138.74 23.204.138.74	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	23.41.188.28 23.41.188.28	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2606:4700:20:... 2606:4700:20::ac43:4af5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.37.186.57 52.37.186.57	16509 (AMAZON-02) (AMAZON-02)
2 5	13.226.37.38 13.226.37.38	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
4 5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	34.120.155.137 34.120.155.137	15169 (GOOGLE) (GOOGLE)
6	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
5	2a03:2880:f06... 2a03:2880:f065:e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:141b:13:... 2600:141b:13::17d7:82d1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.64.157 199.232.64.157	54113 (FASTLY) (FASTLY)
1	23.52.162.36 23.52.162.36	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
3 5	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
6	34.107.254.252 34.107.254.252	15169 (GOOGLE) (GOOGLE)
1 1	34.197.16.142 34.197.16.142	14618 (AMAZON-AES) (AMAZON-AES)
1	3.138.71.180 3.138.71.180	16509 (AMAZON-02) (AMAZON-02)
1	3.143.162.26 3.143.162.26	16509 (AMAZON-02) (AMAZON-02)
4	54.192.160.42 54.192.160.42	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::714	54113 (FASTLY) (FASTLY)
1	52.40.172.46 52.40.172.46	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:109:c002... 2620:109:c002::6cae:a0e	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1 2	104.18.102.194 104.18.102.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2	54.165.183.227 54.165.183.227	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:402... 2607:f8b0:4023:1404::9b	15169 (GOOGLE) (GOOGLE)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
2	151.101.129.194 151.101.129.194	54113 (FASTLY) (FASTLY)
6 7	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f16... 2a03:2880:f162:81:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	74.119.119.129 74.119.119.129	19750 (AS-CRITEO) (AS-CRITEO)
2	68.67.160.114 68.67.160.114	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.199.204.79 23.199.204.79	16625 (AKAMAI-AS) (AKAMAI-AS)
5	3.230.217.116 3.230.217.116	14618 (AMAZON-AES) (AMAZON-AES)
1 10	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
1 1	52.5.82.14 52.5.82.14	14618 (AMAZON-AES) (AMAZON-AES)
5	34.226.34.89 34.226.34.89	14618 (AMAZON-AES) (AMAZON-AES)
2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	23.200.228.59 23.200.228.59	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.0.156.250 52.0.156.250	14618 (AMAZON-AES) (AMAZON-AES)
3 6	13.225.214.117 13.225.214.117	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
7	2600:141b:800... 2600:141b:800::17c5:c1d3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:81d::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21e... 2600:9000:21ea:8400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
4 9	54.173.172.38 54.173.172.38	14618 (AMAZON-AES) (AMAZON-AES)
6 6	3.218.90.66 3.218.90.66	14618 (AMAZON-AES) (AMAZON-AES)
2 11	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42::626 2a04:4e42::626	54113 (FASTLY) (FASTLY)
1 2	2600:1f18:4e9... 2600:1f18:4e9:5a01:d442:ba08:69c2:12fc	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:303... 2606:4700:3039::6815:c09d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	18.213.10.151 18.213.10.151	14618 (AMAZON-AES) (AMAZON-AES)
1 1	142.250.64.102 142.250.64.102	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:806::2004	15169 (GOOGLE) (GOOGLE)
10	13.226.37.82 13.226.37.82	16509 (AMAZON-02) (AMAZON-02)
1	152.199.5.228 152.199.5.228	15133 (EDGECAST) (EDGECAST)
8	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
1 1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
25	3.230.85.182 3.230.85.182	14618 (AMAZON-AES) (AMAZON-AES)
21	2607:f8b0:400... 2607:f8b0:4006:80f::2006	15169 (GOOGLE) (GOOGLE)
1 1	69.90.254.78 69.90.254.78	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	35.231.227.177 35.231.227.177	15169 (GOOGLE) (GOOGLE)
2 2	52.22.30.205 52.22.30.205	14618 (AMAZON-AES) (AMAZON-AES)
1 1	199.38.167.129 199.38.167.129	54312 (ROCKETFUEL) (ROCKETFUEL)
11	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
1	199.187.193.165 199.187.193.165	47043 (SMARTADSE...) (SMARTADSERVER)
2 2	23.211.130.59 23.211.130.59	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.192.31.127 23.192.31.127	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	199.187.193.185 199.187.193.185	47043 (SMARTADSE...) (SMARTADSERVER)
2 2	2600:1f18:612... 2600:1f18:612b:4200:787a:99c3:22c2:11ca	14618 (AMAZON-AES) (AMAZON-AES)
1 1	8.2.111.137 8.2.111.137	46636 (NATCOWEB) (NATCOWEB)
2 2	34.229.3.43 34.229.3.43	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
2	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
4 11	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
2	142.251.4.156 142.251.4.156	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:612... 2600:1f18:612b:4264:e1d3:1d00:f599:e1ca	14618 (AMAZON-AES) (AMAZON-AES)
1	44.194.222.26 44.194.222.26	14618 (AMAZON-AES) (AMAZON-AES)
8	13.226.37.90 13.226.37.90	16509 (AMAZON-02) (AMAZON-02)
1	2001:4998:14:... 2001:4998:14:800::1000	14777 (YAHOO) (YAHOO)
1 1	74.121.140.14 74.121.140.14	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:210... 2600:9000:210b:7600:15:efbc:e300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21d... 2600:9000:21da:200:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1 2	23.52.161.201 23.52.161.201	16625 (AKAMAI-AS) (AKAMAI-AS)
370	88

25 23.217.175.140 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-175-140.deploy.static.akamaitechnologies.com

www.bnnbloomberg.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beta.ctvnews.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 23.217.28.32 (New York, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-28-32.deploy.static.akamaitechnologies.com

webapps.9c9media.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.9c9media.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1400:d:586::1e80 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 23.52.163.40 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-163-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.149.54 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.52.162.21 (New York, United States) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21da:bc00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.204.138.74 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-204-138-74.deploy.static.akamaitechnologies.com

images2.9c9media.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.41.188.28 (Newark, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-188-28.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4af5 (United States)

ASN13335 (CLOUDFLARENET, US)

tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.37.186.57 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-186-57.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bellmedia.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.226.37.38 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-37-38.ewr53.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f065:e:face:b00c:0:3 (Houston, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:82d1 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.64.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.162.36 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-36.deploy.static.akamaitechnologies.com

cdns.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

289d106c-df24-4cd9-a9fa-753e928c23ad.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.179.166 (Secaucus, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.107.254.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.16.142 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-16-142.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.138.71.180 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-138-71-180.us-east-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.143.162.26 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-143-162-26.us-east-2.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.192.160.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-160-42.ewr53.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.40.172.46 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-172-46.us-west-2.compute.amazonaws.com

bellmedia.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:109:c002::6cae:a0e (United States) 3 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States) 1 redirects

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.102.194 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.72.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.165.183.227 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-183-227.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1404::9b (Columbus, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.41.2 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f162:81:face:b00c:0:25de (Houston, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.114 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.199.204.79 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-204-79.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.230.217.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-217-116.compute-1.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 209.54.177.54 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.82.14 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-82-14.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.226.34.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-34-89.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.200.228.59 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-228-59.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.214.117 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-117.ewr50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:141b:800::17c5:c1d3 (Newark, United States)

ASN20940 (AKAMAI-ASN1, NL)

pe-ak-vp07a-9c9media.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:81d::2001 (United States)

ASN15169 (GOOGLE, US)

21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ea:8400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.173.172.38 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-172-38.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.218.90.66 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.16.190.66 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::626 (United States)

ASN54113 (FASTLY, US)

ssl.p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:4e9:5a01:d442:ba08:69c2:12fc (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c09d (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.213.10.151 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-10-151.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.64.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:806::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.226.37.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-37-82.ewr53.r.cloudfront.net

static.freeskreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.5.228 (United States)

ASN15133 (EDGECAST, US)

entitlements.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States) 1 redirects

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 3.230.85.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-85-182.compute-1.amazonaws.com

sb.freeskreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4006:80f::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.78 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.231.227.177 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 177.227.231.35.bc.googleusercontent.com

dmx.us-east-33.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.22.30.205 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-30-205.compute-1.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.165 (Canada)

ASN47043 (SMARTADSERVER, CA)

ww1772.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.211.130.59 (New York, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-130-59.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.192.31.127 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-31-127.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.187.193.185 (Canada) 2 redirects

ASN47043 (SMARTADSERVER, CA)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4200:787a:99c3:22c2:11ca (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

scm.publishers.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.111.137 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.229.3.43 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 8.39.36.142 (United States) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-us-west.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: gm-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:e1d3:1d00:f599:e1ca (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pc083-12m5d.ads.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.194.222.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-222-26.compute-1.amazonaws.com

ads.freeskreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.226.37.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-37-90.ewr53.r.cloudfront.net

video.freeskreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:14:800::1000 (Ashburn, United States)

ASN14777 (YAHOO, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.121.140.14 (Reston, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:210b:7600:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21da:200:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.161.201 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-161-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	freeskreen.com static.freeskreen.com sb.freeskreen.com ads.freeskreen.com video.freeskreen.com	6 MB
30	9c9media.com 2 redirects webapps.9c9media.com images2.9c9media.com capi.9c9media.com	656 KB
24	moatads.com z.moatads.com mb.moatads.com geo.moatads.com px.moatads.com	314 KB
24	bnnbloomberg.ca www.bnnbloomberg.ca	919 KB
23	doubleclick.net 7 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net bid.g.doubleclick.net pubads.g.doubleclick.net	179 KB
21	2mdn.net s0.2mdn.net	273 KB
21	googlesyndication.com 21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	115 KB
18	rubiconproject.com 7 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel-us-west.rubiconproject.com pixel.rubiconproject.com pixel-us-east.rubiconproject.com	29 KB
14	districtm.io 2 redirects cdn.districtm.io dmx.districtm.io dmx.us-east-33.districtm.io	6 KB
14	yahoo.com 7 redirects c2shb.ssp.yahoo.com ups.analytics.yahoo.com pr-bh.ybp.yahoo.com ads.yahoo.com	5 KB
14	amazon-adsystem.com 1 redirects c.amazon-adsystem.com s.amazon-adsystem.com	52 KB
14	krxd.net 1 redirects cdn.krxd.net consumer.krxd.net usermatch.krxd.net beacon.krxd.net	184 KB
13	casalemedia.com 5 redirects htlb.casalemedia.com ssum-sec.casalemedia.com as-sec.casalemedia.com dsum-sec.casalemedia.com dsum.casalemedia.com ssum.casalemedia.com	37 KB
11	googleapis.com imasdk.googleapis.com ajax.googleapis.com fonts.googleapis.com	1 MB
9	sharethrough.com 4 redirects match.sharethrough.com	2 KB
8	agkn.com 3 redirects aa.agkn.com js.agkn.com d.agkn.com	8 KB
8	permutive.com cdn.permutive.com api.permutive.com	154 KB
7	akamaized.net pe-ak-vp07a-9c9media.akamaized.net	1 MB
7	adnxs.com 3 redirects ib.adnxs.com secure.adnxs.com	13 KB
5	google.com adservice.google.com www.google.com	1 KB
5	criteo.com 1 redirects bidder.criteo.com gum.criteo.com mug.criteo.com	7 KB
5	linkedin.com 5 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	4 KB
5	facebook.net connect.facebook.net	285 KB
5	adsrvr.org 4 redirects match.adsrvr.org	3 KB
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com	4 KB
5	adobedtm.com assets.adobedtm.com	102 KB
4	smartadserver.com 2 redirects ww1772.smartadserver.com sync.smartadserver.com rtb-csync.smartadserver.com	4 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	45 KB
4	facebook.com www.facebook.com	800 B
4	googletagservices.com www.googletagservices.com	136 KB
4	demdex.net dpm.demdex.net bellmedia.demdex.net	6 KB
4	addthis.com s7.addthis.com m.addthis.com	217 KB
3	mathtag.com 2 redirects sync.mathtag.com pixel.mathtag.com	2 KB
3	tremorhub.com 2 redirects scm.publishers.tremorhub.com pc083-12m5d.ads.tremorhub.com	1 KB
3	exelator.com 2 redirects loadm.exelator.com loadeu.exelator.com	2 KB
3	everesttech.net 3 redirects cm.everesttech.net sync-tm.everesttech.net	865 B
3	rlcdn.com api.rlcdn.com idsync.rlcdn.com id.rlcdn.com	988 B
3	tru.am tru.am beacon.tru.am	12 KB
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	33 KB
2	advertising.com 2 redirects pixel.advertising.com	674 B
2	eqads.com 1 redirects um2.eqads.com	563 B
2	jwpcdn.com ssl.p.jwpcdn.com	38 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net	80 KB
2	chartbeat.net ping.chartbeat.net	401 B
2	adsymptotic.com 1 redirects p.adsymptotic.com	539 B
2	google-analytics.com www.google-analytics.com	20 KB
1	admanmedia.com 1 redirects cs.admanmedia.com	444 B
1	rfihub.com 1 redirects p.rfihub.com	744 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com	606 B
1	bttrack.com 1 redirects bttrack.com	695 B
1	jwplayer.com entitlements.jwplayer.com	244 B
1	ad4m.at ad4m.at
1	smaato.net s.ad.smaato.net	239 B
1	google.ca adservice.google.ca	792 B
1	bluekai.com 1 redirects stags.bluekai.com	712 B
1	t.co t.co	469 B
1	twitter.com analytics.twitter.com	675 B
1	omtrdc.net bellmedia.sc.omtrdc.net	394 B
1	prmutv.co 289d106c-df24-4cd9-a9fa-753e928c23ad.prmutv.co	456 B
1	addthisedge.com v1.addthisedge.com	565 B
1	gigya.com cdns.gigya.com	301 B
1	ads-twitter.com static.ads-twitter.com	6 KB
1	licdn.com snap.licdn.com	2 KB
1	criteo.net static.criteo.net	38 KB
1	ctvnews.ca beta.ctvnews.ca	7 KB
1	indexww.com js-sec.indexww.com	34 KB
0	nexac.com Failed r.nexac.com Failed
0	weborama.com Failed dx.bigsea.weborama.com Failed
0	ixiaa.com Failed kr.ixiaa.com Failed
370	69

	Domain	Requested by
25	sb.freeskreen.com	static.freeskreen.com www.bnnbloomberg.ca ajax.googleapis.com eus.rubiconproject.com
24	www.bnnbloomberg.ca	www.bnnbloomberg.ca
21	s0.2mdn.net	imasdk.googleapis.com 21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com s0.2mdn.net www.bnnbloomberg.ca
13	px.moatads.com	www.bnnbloomberg.ca
12	images2.9c9media.com	www.bnnbloomberg.ca
11	pagead2.googlesyndication.com	srcdoc www.googletagservices.com imasdk.googleapis.com securepubads.g.doubleclick.net tpc.googlesyndication.com
10	dmx.districtm.io	1 redirects cdn.districtm.io www.bnnbloomberg.ca
10	static.freeskreen.com	www.bnnbloomberg.ca static.freeskreen.com
10	s.amazon-adsystem.com	1 redirects c.amazon-adsystem.com s.amazon-adsystem.com ssum-sec.casalemedia.com match.sharethrough.com www.bnnbloomberg.ca
10	securepubads.g.doubleclick.net	www.googletagservices.com www.bnnbloomberg.ca securepubads.g.doubleclick.net 21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com
9	match.sharethrough.com	4 redirects s.amazon-adsystem.com match.sharethrough.com
9	capi.9c9media.com	2 redirects www.bnnbloomberg.ca webapps.9c9media.com
9	z.moatads.com	www.bnnbloomberg.ca s7.addthis.com z.moatads.com securepubads.g.doubleclick.net static.freeskreen.com
9	webapps.9c9media.com	www.bnnbloomberg.ca webapps.9c9media.com
8	video.freeskreen.com	ajax.googleapis.com www.bnnbloomberg.ca
8	imasdk.googleapis.com	webapps.9c9media.com imasdk.googleapis.com static.freeskreen.com
8	tpc.googlesyndication.com	www.bnnbloomberg.ca 21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com ajax.googleapis.com securepubads.g.doubleclick.net tpc.googlesyndication.com
7	pe-ak-vp07a-9c9media.akamaized.net	www.bnnbloomberg.ca webapps.9c9media.com
7	cm.g.doubleclick.net	6 redirects eus.rubiconproject.com
6	ups.analytics.yahoo.com	6 redirects
6	aa.agkn.com	3 redirects www.bnnbloomberg.ca d.agkn.com
6	api.permutive.com	cdn.permutive.com
6	cdn.krxd.net	www.bnnbloomberg.ca cdn.krxd.net
5	pixel.rubiconproject.com	eus.rubiconproject.com
5	token.rubiconproject.com	3 redirects eus.rubiconproject.com
5	beacon.krxd.net	www.bnnbloomberg.ca cdn.krxd.net
5	c2shb.ssp.yahoo.com	js-sec.indexww.com
5	ib.adnxs.com	3 redirects cdn.permutive.com js-sec.indexww.com
5	connect.facebook.net	www.bnnbloomberg.ca connect.facebook.net
5	match.adsrvr.org	4 redirects js-sec.indexww.com
5	sb.scorecardresearch.com	2 redirects www.bnnbloomberg.ca
5	assets.adobedtm.com	www.bnnbloomberg.ca assets.adobedtm.com
4	eus.rubiconproject.com	sb.freeskreen.com eus.rubiconproject.com ww1772.smartadserver.com
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com um2.eqads.com
4	ssum-sec.casalemedia.com	2 redirects s.amazon-adsystem.com ssum-sec.casalemedia.com
4	www.facebook.com	www.bnnbloomberg.ca
4	c.amazon-adsystem.com	www.bnnbloomberg.ca c.amazon-adsystem.com
4	www.googletagservices.com	www.bnnbloomberg.ca 21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com
3	cdn.districtm.io	1 redirects s.amazon-adsystem.com cdn.districtm.io
3	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
3	www.gstatic.com	www.bnnbloomberg.ca www.gstatic.com
3	px.ads.linkedin.com	3 redirects
3	dpm.demdex.net	assets.adobedtm.com www.bnnbloomberg.ca
3	s7.addthis.com	www.bnnbloomberg.ca s7.addthis.com
2	pixel.mathtag.com	1 redirects d.agkn.com
2	gum.criteo.com	1 redirects static.criteo.net
2	pubads.g.doubleclick.net	imasdk.googleapis.com
2	bid.g.doubleclick.net	ajax.googleapis.com
2	ajax.googleapis.com	www.bnnbloomberg.ca
2	loadeu.exelator.com	2 redirects
2	scm.publishers.tremorhub.com	2 redirects
2	sync.smartadserver.com	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	pixel.advertising.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	ssum.casalemedia.com	2 redirects
2	www.google.com	www.bnnbloomberg.ca tpc.googlesyndication.com
2	um2.eqads.com	1 redirects ssum-sec.casalemedia.com
2	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com
2	ssl.p.jwpcdn.com	webapps.9c9media.com
2	21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	secure.adnxs.com	js-sec.indexww.com
2	bidder.criteo.com	static.criteo.net
2	confiant-integrations.global.ssl.fastly.net	www.bnnbloomberg.ca confiant-integrations.global.ssl.fastly.net
2	consumer.krxd.net	cdn.krxd.net
2	ping.chartbeat.net	www.bnnbloomberg.ca
2	p.adsymptotic.com	1 redirects www.bnnbloomberg.ca
2	www.google-analytics.com	www.bnnbloomberg.ca www.google-analytics.com
2	tru.am	www.bnnbloomberg.ca tru.am
2	static.chartbeat.com	www.bnnbloomberg.ca
2	cdn.permutive.com	www.bnnbloomberg.ca cdn.permutive.com
1	mug.criteo.com
1	d.agkn.com	js.agkn.com
1	js.agkn.com	cdn.krxd.net
1	rtb-csync.smartadserver.com	eus.rubiconproject.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	sync.mathtag.com	1 redirects
1	ads.yahoo.com	eus.rubiconproject.com
1	id.rlcdn.com	eus.rubiconproject.com
1	pixel-us-west.rubiconproject.com	1 redirects
1	ads.freeskreen.com	ajax.googleapis.com
1	pc083-12m5d.ads.tremorhub.com	ajax.googleapis.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	s0.2mdn.net
1	cs.admanmedia.com	1 redirects
1	ww1772.smartadserver.com	sb.freeskreen.com
1	p.rfihub.com	1 redirects
1	dmx.us-east-33.districtm.io	www.bnnbloomberg.ca
1	ums.acuityplatform.com	1 redirects
1	bttrack.com	1 redirects
1	entitlements.jwplayer.com	webapps.9c9media.com
1	ad.doubleclick.net	1 redirects
1	ad4m.at	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	s.ad.smaato.net	s.amazon-adsystem.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	adservice.google.ca	securepubads.g.doubleclick.net
1	loadm.exelator.com	www.bnnbloomberg.ca
1	stags.bluekai.com	1 redirects
1	idsync.rlcdn.com	www.bnnbloomberg.ca
1	usermatch.krxd.net	1 redirects
1	htlb.casalemedia.com	js-sec.indexww.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	beacon.tru.am	tru.am
1	t.co	www.bnnbloomberg.ca
1	analytics.twitter.com	static.ads-twitter.com
1	px4.ads.linkedin.com	1 redirects
1	www.linkedin.com	1 redirects
1	bellmedia.sc.omtrdc.net	www.bnnbloomberg.ca
1	mab.chartbeat.com	static.chartbeat.com
1	geo.moatads.com	z.moatads.com
1	mb.moatads.com	z.moatads.com
1	cm.everesttech.net	1 redirects
1	bellmedia.demdex.net	assets.adobedtm.com
1	289d106c-df24-4cd9-a9fa-753e928c23ad.prmutv.co	cdn.permutive.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	cdns.gigya.com	www.bnnbloomberg.ca
1	static.ads-twitter.com	www.bnnbloomberg.ca
1	snap.licdn.com	www.bnnbloomberg.ca
1	api.rlcdn.com	js-sec.indexww.com
1	static.criteo.net	js-sec.indexww.com
1	beta.ctvnews.ca	www.bnnbloomberg.ca
1	js-sec.indexww.com	www.bnnbloomberg.ca
0	r.nexac.com Failed	www.bnnbloomberg.ca
0	dx.bigsea.weborama.com Failed	www.bnnbloomberg.ca
0	kr.ixiaa.com Failed	www.bnnbloomberg.ca
370	127

This site contains links to these domains. Also see Links.

Domain
support.bell.ca
www.bellmedia.ca

Subject Issuer	Validity	Valid
news.bellmedia.ca Entrust Certification Authority - L1K	`2021-08-02` - `2022-08-02`	a year	crt.sh
v.bellmedia.ca Entrust Certification Authority - L1K	`2021-04-05` - `2022-04-05`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2021-03-02` - `2022-03-01`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
axis.prod.bellmedia.ca Entrust Certification Authority - L1K	`2021-04-21` - `2022-04-21`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-19` - `2022-06-18`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-06` - `2021-12-05`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
cdns.gigya.com DigiCert SHA2 Secure Server CA	`2021-03-05` - `2022-03-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.prmutv.co R3	`2021-10-25` - `2022-01-23`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
api.permutive.com R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-10-05` - `2022-03-04`	5 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-24` - `2022-03-23`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-03-24` - `2022-03-23`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.jwplayer.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
um3.eqads.com Amazon	`2021-06-26` - `2022-07-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.freeskreen.com Amazon	`2021-01-19` - `2022-02-16`	a year	crt.sh
entitlements.jwplayer.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-30` - `2022-06-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Frame ID: 2669114F5ADC348CC1E97B8DA9082D49
Requests: 182 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: B02789EA446B4E9E82C94A33CF9B7C12
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 912C01852E56B97C6274BAF63A737684
Requests: 1 HTTP requests in this frame

Frame: https://bellmedia.demdex.net/dest5.html?d_nsid=0
Frame ID: CDCE37D74BE245496801E15E4F92F7B6
Requests: 2 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 261F7F16960E0D7FE6F52972A390E134
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 7A638E982F2A5DED472F27726C2F93CC
Requests: 14 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-vmg_dm_an-db5_dmx&dcc=t
Frame ID: D78D5949B6C98C0373F10383231E3AAB
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-vmg_dm_an-db5_dmx&fv=1.0&a=cm&cm3ppd=1
Frame ID: B6957E1BAE67AC5910C878A9877F3592
Requests: 2 HTTP requests in this frame

Frame: https://21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7830B5D30CCFBB76E2C0C0E631E11179
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 00AAC3CE0C517E01AC6406E57E2E57DE
Requests: 9 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: B0F903A5C659328F8334D740F348C00D
Requests: 6 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1BTXVHOTNaRTJ1SVNUcW56OTd5NExsOXFpX2tQOUs5bn5B
Frame ID: D23A81E829EBD61C9EF4169D2E3857D5
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=8634506771707896453&ex=districtm
Frame ID: BDB1908CF637AAFA9A207E96D1509AEC
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=8634506771707896453&ex=appnexus.com
Frame ID: 7CAF24D4E0620EF85CD66C7BF3480247
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Frame ID: FA903E1FBE6BD2800D06A460EB27445E
Requests: 11 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 4FAAB87AE29527BA63EF9F880EA32EE1
Requests: 2 HTTP requests in this frame

Frame: https://www.bnnbloomberg.ca/5-financing-challenges-keeping-business-owners-up-at-night-1.1686731?utm_source=bnn&utm_medium=banner+728x90&utm_campaign=cart20+221009&utm_content=cons+cobrand
Frame ID: DED9908BBE636340ED9E214C7BBB2886
Requests: 11 HTTP requests in this frame

Frame: https://21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B712253E54EE78D4FECEA86ABF866D65
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnAfOXuNK88Yrj6w06QcHk8UDvRbDOlWn-z9DPdfZ0nh2ICsRs1LJ3LBzE0936_S7Vp96LYrhbmYIUm1XJ_ToktnyOicZzU7jRYcZ-kaGtJ-qzn5yxchEawSHO19PF0ogE98CQ9rg5lEWZw4JVJiFEZQycjN_fRaXKzFyTSsMSn8jAZHf-0VqqhN_TdUfoZjNwdry4F7Qf9B_TdBfOXfAuR81I4mncAG_aspQrc2PHYISrzEEodXddPFssShguLQ8_3oCT8ftM3uY5MmrwM2YhQgvcTqMmuIPTdxvb9Joza7iTKQN0Zr3rDBXgtCpqi7_Cjnmd&sig=Cg0ArKJSzJlPehty5xuEEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6AC11D8E15E33E03B476981174DFF04A
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Frame ID: 649C494CA3DB1FE74D8532D73B1E6478
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A1C998444142031758379CF689FB3286
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html
Frame ID: 67611A3718244E41685D23E4C6F20DB2
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Frame ID: 078AE8DD24E73E122D75FA051B9B3A77
Requests: 12 HTTP requests in this frame

Frame: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Frame ID: F127178CE8AB9E6049E25D3E7BCC07A0
Requests: 18 HTTP requests in this frame

Frame: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Frame ID: 6DE833E58A4736130F589712755B4BF1
Requests: 18 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Frame ID: FD7FD49C65F597ED101A0EA3E727FCCC
Requests: 4 HTTP requests in this frame

Frame: https://static.freeskreen.com/scm/native/20190702c.js
Frame ID: 1BE110366921593DDCD89F1C45BACB15
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D1x1%26iu%3D/5479/slimcut.bnn%26impl%3Ds%26gdfp_req%3D1%26env%3Dvp%26output%3Dvast%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Fwww.bnnbloomberg.ca%252Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26description_url%3Dhttps://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26correlator%3D1638079875%26cust_params%3Damznbid%253D2%2526amznp%253D2%2526m_categories%253Dgv_crime%252Cmoat_unsafe%2526m_data%253D1%2526m_gv%253DnoHistData%2526m_mv%253DnoHistData%2526m_safety%253Dunsafe%2526permutive%253D20074%252C31279%252C32255%252C32335%252C61380%252Crts%26channel%3Dvastadp&correlator=1638079875
Frame ID: E260AC9CD2CB8A40A8267EB133946263
Requests: 5 HTTP requests in this frame

Frame: https://static.freeskreen.com/scm/native/20190702c.js
Frame ID: 44F88C3040A00C913296DC5F85130430
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D1x1%26iu%3D/5479/slimcut.bnn%26impl%3Ds%26gdfp_req%3D1%26env%3Dvp%26output%3Dvast%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Fwww.bnnbloomberg.ca%252Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26description_url%3Dhttps://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26correlator%3D1638079876%26cust_params%3Damznbid%253D2%2526amznp%253D2%2526m_categories%253Dgv_crime%252Cmoat_unsafe%2526m_data%253D1%2526m_gv%253DnoHistData%2526m_mv%253DnoHistData%2526m_safety%253Dunsafe%2526permutive%253D20074%252C31279%252C32255%252C32335%252C61380%252Crts%26channel%3Dvastadp&correlator=1638079876
Frame ID: AB4D496C5701C09316BAFB99556B956F
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Frame ID: E27B97DE33B97880B32B12DB48564BDB
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Frame ID: 2AEF6DB36C3481ECB237316C6D5DB082
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2B0D8035CB9B4EE6CD1649785368288A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: AFB0B2E53BEC7BE53D06AD63B0733AF8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bnnbloomberg.ca
Frame ID: 0C6F7DF7E48C00840B2446220223A53B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 831E9C985665D33C2885ED2A1CC0A175
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B9E913A6C94E6D1824E83CB5434C3381
Requests: 2 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=859014474&gdpr=&gdpr_consent=&ref=&bpid=bellmedia&c=%7B%22bpid%22%3A%22bellmedia%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: B77F83DA39D2841F8A87D783BDBCBAF0
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

When a Hacker Calls: How Robinhood Fell Victim to a Vishing Raid - BNN BloomberginfoFacebookTwitterLinkedInEmailAddThis

Page Statistics

370
Requests

87 %
HTTPS

33 %
IPv6

69
Domains

127
Subdomains

88
IPs

4
Countries

12057 kB
Transfer

24111 kB
Size

103
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://support.bell.ca/Billing-and-Accounts/Security_and_privacy/How_does_Bell_respect_my_privacy#displayStep
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.bellmedia.ca/sales/political-ads-registry/
Title: Political Ad Registry

Search URL Search Domain Scan URL

URL: https://www.bellmedia.ca/bell-media-website-terms-conditions/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: http://www.bellmedia.ca/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://sb.scorecardresearch.com/cs/3005664/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 67

https://cm.everesttech.net/cm/dd?d_uuid=62343979600873580793747237977899911040 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YaMdgQAAALyuUQPl

Request Chain 77

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2254610&time=1638079873686&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2254610&time=1638079873686&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2254610%26time%3D1638079873686%26url%3Dhttps%253A%252F%252Fwww.bnnbloomberg.ca%252Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2254610&time=1638079873686&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2254610&time=1638079873686&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&cookiesTest=true&liSync=true&e_ipv6=AQLAIlRuctD1wgAAAX1lK0R2GRchvPf3N8HQJ5OOLAUKKRDyTMM6ZC1SSgWyOo16itxdzqzmvzc HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e4c2f23c-757d-4b1a-8b4e-a463ed81c0e2 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e4c2f23c-757d-4b1a-8b4e-a463ed81c0e2&_expected_cookie=6f50645016a08e4d7481a92f9cbe3197

Request Chain 85

https://sb.scorecardresearch.com/b?c1=2&c2=3005664&cs_it=b2&cv=3.8.0.210223&ns__t=1638079873781&ns_c=UTF-8&c7=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&c8=When%20a%20Hacker%20Calls%3A%20How%20Robinhood%20Fell%20Victim%20to%20a%20Vishing%20Raid%20-%20BNN%20Bloomberg&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005664&cs_it=b2&cv=3.8.0.210223&ns__t=1638079873781&ns_c=UTF-8&c7=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&c8=When%20a%20Hacker%20Calls%3A%20How%20Robinhood%20Fell%20Victim%20to%20a%20Vishing%20Raid%20-%20BNN%20Bloomberg&c9=

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjIzNDM5Nzk2MDA4NzM1ODA3OTM3NDcyMzc5Nzc4OTk5MTEwNDA= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjIzNDM5Nzk2MDA4NzM1ODA3OTM3NDcyMzc5Nzc4OTk5MTEwNDA=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENvlmIMY-ijyQMV9p4zNxY0&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 125

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-vmg_dm_an-db5_dmx HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-vmg_dm_an-db5_dmx&dcc=t

Request Chain 131

https://usermatch.krxd.net/um/v2?partner=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T2doMGJLYm4 HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJR4Ku4-ylpsd1h4qehi1xM&google_cver=1

Request Chain 133

https://stags.bluekai.com/site/26357?id=Ogh0bKbn&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOgh0bKbn%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
https://beacon.krxd.net/usermatch.gif?_kuid=Ogh0bKbn&partner=bluekai&bk_uuid=$_BK_UUID

Request Chain 137

https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YaMdgs9pn4B.hy62MqV8CwAA%26490

Request Chain 146

https://capi.9c9media.com/destinations/bnn_web/platforms/desktop/bond/contents/2331316/contentpackages/4693242/manifest.vtt HTTP 302
https://pe-ak-vp07a-9c9media.akamaized.net/origin/ae/2021-11-26/84C821657630E5D5/vtt/00000000/78a8ea51b394996a/manifest.vtt

Request Chain 158

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1BTXVHOTNaRTJ1SVNUcW56OTd5NExsOXFpX2tQOUs5bn5B

Request Chain 159

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm HTTP 302
https://s.amazon-adsystem.com/ecm3?id=8634506771707896453&ex=districtm

Request Chain 160

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=8634506771707896453&ex=appnexus.com

Request Chain 161

https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D HTTP 301
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D

Request Chain 166

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YaMdgs9pn4B.hy62MqV8CwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENMTdsM0Duu9scYK5QEWGI0&google_cver=1&google_hm=2

Request Chain 167

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d440bdea-0c87-4fb7-a917-41c84fc16384&expiration=1640671874&gdpr=0&gdpr_consent=

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YaMdgs9pn4B-hy62MqV8CwAAAeoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOTRJ4UFFxE0PgTXuBwm8DA&google_cver=1

Request Chain 170

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YaMdgs9pn4B-hy62MqV8CwAAAeoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YaMdgs9pn4B-hy62MqV8CwAAAeoAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/YaMdgs9pn4B-hy62MqV8CwAAAeoAAAIB

Request Chain 171

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8634506771707896453

Request Chain 174

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 175

https://ad.doubleclick.net/ddm/trackclk/N1615345.3460408BBNBLOOMBERG/B26685634.321766175;dc_trk_aid=514055105;dc_trk_cid=162272851;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= HTTP 302
https://www.bnnbloomberg.ca/5-financing-challenges-keeping-business-owners-up-at-night-1.1686731?utm_source=bnn&utm_medium=banner+728x90&utm_campaign=cart20+221009&utm_content=cons+cobrand

Request Chain 192

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=7a397fd7-a4f7-4eb0-a12e-51af1f3f90a5

Request Chain 193

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__ HTTP 302
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YaMdgs9pn4B.hy62MqV8CwAA%26490

Request Chain 194

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__ HTTP 302
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YaMdgs9pn4B.hy62MqV8CwAA%26490

Request Chain 195

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d440bdea-0c87-4fb7-a917-41c84fc16384&gdpr=0&gdpr_consent=

Request Chain 196

https://capi.9c9media.com/destinations/bnn_web/platforms/desktop/bond/contents/2331316/contentpackages/4693242/manifest.vtt HTTP 302
https://pe-ak-vp07a-9c9media.akamaized.net/origin/ae/2021-11-26/84C821657630E5D5/vtt/00000000/78a8ea51b394996a/manifest.vtt

Request Chain 216

https://ums.acuityplatform.com/tum?umid=137&rurl=https%3A%2F%2Fdmx.districtm.io%2Fs%2F10022%2F___AUID___ HTTP 302
https://dmx.districtm.io/s/10022/625973123154

Request Chain 217

https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-33.districtm.io/s/10016/$%7BTM_USER_ID%7D HTTP 302
https://dmx.us-east-33.districtm.io/s/10016/YaMdgQAAALyuUQPl

Request Chain 218

https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfe484cfa-5011-11ec-93ea-0aa43e051bf3 HTTP 302
https://dmx.districtm.io/s/10051/y-SiGw0JpE2uGWuSf7.wGpEzdi_ojvcT8N~A~UPfe484cfa-5011-11ec-93ea-0aa43e051bf3

Request Chain 219

https://p.rfihub.com/cm?pub=36496&in=1 HTTP 302
https://dmx.districtm.io/s/10056/1813050708306528349

Request Chain 220

https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent= HTTP 302
https://dmx.districtm.io/s/10057/y-DYyUYM1E2uF4r_kJELgrdSkbL0L7U1b9C51jlJ0-~A

Request Chain 234

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west HTTP 301
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

Request Chain 235

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1 HTTP 302
https://sb.freeskreen.com/um?sa=3496748603547980566

Request Chain 236

https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
https://sb.freeskreen.com/um?tlr=e47a14c31f9e4fa09388637eead9df47

Request Chain 237

https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID} HTTP 302
https://sb.freeskreen.com/um?ac={$UID}

Request Chain 238

https://loadeu.exelator.com/load/?p=204&g=1300&j=0 HTTP 302
https://loadeu.exelator.com/load/?p=204&g=1300&j=0&xl8blockcheck=1 HTTP 302
https://sb.freeskreen.com/um?ni=de93c3c6b5722be4d39546f120f66d4e

Request Chain 260

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east

Request Chain 265

https://dmx.districtm.io/s/v1/users/10002 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qRllSMEZoVFU1b2NFRjJabTFxZVhWaWJtaDFTa00wTmtsViJ9.ZfQbH37BdwYt2Cam7WAHANw_JxYmyKrdRbeci_uL8wDJHkmnRb05cZWjgeKhAd2RjT1ht_e4J9nY2KDS3_8_oA

Request Chain 308

https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456 HTTP 302
https://sb.freeskreen.com/um?mg=KWIUGPQX-N-7DFE

Request Chain 322

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d440bdea-0c87-4fb7-a917-41c84fc16384&gdpr=0&gdpr_consent=&expires=30

Request Chain 323

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWIUGPTM-1S-CB57&sigv=1&esig=2~4e7457a4a45aaa37851df0d58428111fd13d9949

Request Chain 324

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=b88761a3-1d84-4300-ae38-7f32f5d77470

Request Chain 325

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YaMdgQAAALyuUQPl

Request Chain 326

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTA4MjMwYzcyYmRjMWRlMTQ4ZGU5MmVjOWRmN2UxMDMwZTI4MDM4OA

Request Chain 327

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKtWD3Lo82pBhal5H30fdqI&google_cver=1

Request Chain 328

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/2zb80fKV5lktB1-tvxZEwcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=92018912013979132

Request Chain 329

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=smartadserver HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=KWIUGPTM-1S-CB57

Request Chain 361

https://gum.criteo.com/sid/json?origin=publishertag&domain=bnnbloomberg.ca&sn=ChromeSyncframe&so=0&topUrl=www.bnnbloomberg.ca&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=sy2EhXxzYjNuejl6eDJBbEo4WWw2MG9EQkc4SUJxdS9mNERRazNidUVFMEpScU9PWVlXUUludHRlTjg2QU1pWklwWGl5U3JBQVh2MzlRUG5uZHJtNk40L1ZBc0R4ZFRKeVJiNjFsNmZVMnFpWE9UWVVpdDZLRTY4Qm5abkRsOXBLSmJxM2NYWDVFUk9LblNvYk9uT3FCcWVraVhjZkVyYWRqdVlNSmpwUTA5VjZVRjkwZ09lUXZoOG5JQWVHa1V3VXp1QnRzZkE3UTB4eHRzbnEyc3BYVXAzNUJyZy9LNm1WMUovN3F3Y1AyTHczSXhZdmpNV2xRNFdsMitBWGtyVkRMUFhYeStwWVRyVGI2d1VhM3RhbCt1MGYxZz09fA&cppv=2

Request Chain 362

https://aa.agkn.com/adscores/g.pixel?sid=9212293468&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adadvisor&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9312270958&tdid=d440bdea-0c87-4fb7-a917-41c84fc16384

Request Chain 363

https://aa.agkn.com/adscores/g.pixel?sid=9212293438 HTTP 302
https://pixel.mathtag.com/sync/img?redir=https://aa.agkn.com/adscores/g.pixel%3Fsid%3D9312292258%26mt%3D%5BMM_UUID%5D HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9312292258&mt=b88761a3-1d84-4300-ae38-7f32f5d77470 HTTP 302
https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=204810503984005218657

370 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752 Show response
www.bnnbloomberg.ca/ 221 KB
36 KB 204ms
125ms Document
text/html 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9ec67367bb4633b605eebee230a892a4f5b162982141826216b60d27ff5a6234

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

content-type: text/html;charset=utf-8
content-encoding: gzip
x-vcache: HIT
accept-ranges: bytes
content-length: 36491
cache-control: public, max-age=177, s-maxage=300
expires: Sun, 28 Nov 2021 06:14:09 GMT
date: Sun, 28 Nov 2021 06:11:12 GMT
vary: Accept-Encoding

GET
H2 200 style.css
www.bnnbloomberg.ca/css/bnn-bloomberg/ 1 MB
88 KB 22ms
21ms Stylesheet
text/css 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1637936125
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2229308c24a3e13ec4de4e9e858a13f247c095ab25751f6e4dea5d4c46d8196a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:12 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 08:04:12 GMT
etag: W/"1052567-1631779452000"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
x-vcache: HIT
accept-ranges: bytes
content-length: 89392
expires: Sun, 28 Nov 2021 06:16:12 GMT

GET
H2 200 jquery.min.js Show response
www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/ 91 KB
33 KB 33ms
31ms Script
application/javascript 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1637936125
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:12 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 08:04:12 GMT
etag: W/"93435-1631779452000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: MISS
accept-ranges: bytes
content-length: 33430
expires: Sun, 28 Nov 2021 06:16:12 GMT

GET
H2 200 jquery-ui-1.10.4.custom.min.js Show response
www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/ 143 KB
38 KB 37ms
35ms Script
application/javascript 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery-ui-1.10.4.custom.min.js?v1637936125
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 47fb8b7f5571b3f676d97f8c7d625bcd773796133c7bdd499a484c5f118a9452

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:12 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 08:04:12 GMT
etag: W/"146617-1631779452000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: MISS
accept-ranges: bytes
content-length: 38948
expires: Sun, 28 Nov 2021 06:16:12 GMT

GET
H2 200 jquery.ui.touch-punch.min.js Show response
www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/ 1 KB
802 B 37ms
35ms Script
application/javascript 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.ui.touch-punch.min.js?v1637936125
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:12 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 08:04:12 GMT
etag: W/"1291-1631779452000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: MISS
accept-ranges: bytes
content-length: 597
expires: Sun, 28 Nov 2021 06:16:12 GMT

GET
H2 200 player.js Show response
webapps.9c9media.com/vidi-player/1.9.x/js/ 913 KB
218 KB 100ms
21ms Script
application/javascript 23.217.28.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://webapps.9c9media.com/vidi-player/1.9.x/js/player.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.28.32 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-28-32.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: f0a035838f2f21c0ff56569ecccbae9f018cf59e988b57a3a496e906b4effe44

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:12 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 15:06:09 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
content-length: 222853
expires: Sun, 28 Nov 2021 06:21:12 GMT

GET
H2 200 launch-EN8508e1965b004de29de2dbd977d7156a.min.js Show response
assets.adobedtm.com/ 357 KB
87 KB 117ms
24ms Script
application/x-javascript 2600:1400:d:586::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:586::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d7bf272338298682af038c50b5b653335cdf742ded98e1d26c2f07f6195699d1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:12 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 20:13:09 GMT
server: AkamaiNetStorage
etag: "fbc12966fe4045ad5ec48b635bbee5fc:1635970389.889685"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 88580
expires: Sun, 28 Nov 2021 07:11:12 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/bellmediaprebidheader755367530455/ 247 KB
85 KB 76ms
22ms Script
application/x-javascript 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/bellmediaprebidheader755367530455/moatheader.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3e42eb8467ba030a2b2b19e611073a21176938f98ffbf100dc745a5512f69f40

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 16:48:46 GMT
server: AmazonS3
x-amz-request-id: QBQXQNQX6C73M55X
etag: "0aba4662cfe01e8d673fb1b9cfb3866b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=56237
accept-ranges: bytes
content-length: 86554
x-amz-id-2: OcJv2OxmZkKZF5z+EUxQJ42iXoNvyn06u8ijy6pqEaGvFlbskGpzj7uGcTMarhVQdiRHYIBEKsQ=

GET
H2 200 sha256.js Show response
www.bnnbloomberg.ca/js/bellmedia/ 12 KB
4 KB 37ms
35ms Script
application/javascript 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/bellmedia/sha256.js?v1637936125
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fc421bcb696eb55d51dcedcc18f03dcb3ddc57a58c1f3930cb707e74b8898813

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:12 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 18:41:59 GMT
etag: W/"12749-1637865719000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: MISS
accept-ranges: bytes
content-length: 3845
expires: Sun, 28 Nov 2021 06:16:12 GMT

GET
H2 200 289d106c-df24-4cd9-a9fa-753e928c23ad-web.js Show response
cdn.permutive.com/ 351 KB
104 KB 82ms
32ms Script
application/javascript 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40dfdd89d5b7813272faf1d5bc76da30cb3f84cc14539f77c9de295d855d756c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 289d106c-df24-4cd9-a9fa-753e928c23ad
age: 2135
x-guploader-uploadid: ADPycdu3H3_TyKJhSVRnPrFrrhL9Znz3Ph2qZAnaSbM3n1Yi3nWf6o7J7kDffGhWehR1rGszFncN541Faj6pH78MGSE
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Mon, 15 Nov 2021 14:33:54 GMT
server: cloudflare
etag: W/"70c09666b5e156249f7ca865a76fbf1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=WpAXGw==, md5=cMCWZrXhViSffKhlp2+/Gw==
x-goog-generation: 1636986834324384
cache-control: public, max-age=300
x-goog-stored-content-length: 109463
cf-ray: 6b51700708207133-YUL
expires: Sun, 28 Nov 2021 06:16:13 GMT

GET
H/1.1 200
OK 183816-157675210059039.js Show response
js-sec.indexww.com/ht/p/ 115 KB
34 KB 75ms
23ms Script
text/javascript 23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 20a25f993dd06568742762f56634b696d67732c2bd384b7d5fe62bd10ef4020c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:12 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Nov 2021 06:06:28 GMT
Server: Apache
ETag: "da3a1d-1ca7c-5d1d31ff5ba09"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3542
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 34736
Expires: Sun, 28 Nov 2021 07:10:14 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 22 KB
10 KB 124ms
21ms Script
application/x-javascript 2600:9000:21da:bc00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:bc00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 05:23:29 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:17:06 GMT
server: nginx
age: 2864
etag: W/"6179ec02-59c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 6840113c714f694919508fbd89b7f29d.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: EWR53-C1
x-amz-cf-id: d9Myf9aa5kFmL3D_AjPfdrOKozuRxW9iJ7oOLybl1xq27y5wzLOcJw==
expires: Sun, 28 Nov 2021 07:23:29 GMT

GET
H2 200 js.cookie.min.js Show response
www.bnnbloomberg.ca/js/user-management/ 1 KB
931 B 36ms
35ms Script
application/javascript 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/user-management/js.cookie.min.js?v1637936125
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:12 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 08:04:12 GMT
etag: W/"1500-1631779452000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: MISS
accept-ranges: bytes
content-length: 726
expires: Sun, 28 Nov 2021 06:16:12 GMT

GET
H2 200 jwt-decode.min.js Show response
www.bnnbloomberg.ca/js/user-management/ 2 KB
1 KB 36ms
35ms Script
application/javascript 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/user-management/jwt-decode.min.js?v1637936125
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6353af18a3944e52b619d909d6396bb22d7dee348b182da052092e6fed15e825

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:12 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 08:04:12 GMT
etag: W/"2190-1631779452000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: HIT
accept-ranges: bytes
content-length: 1069
expires: Sun, 28 Nov 2021 06:16:12 GMT

GET
H2 200 moment.min.js Show response
www.bnnbloomberg.ca/js/user-management/ 57 KB
18 KB 36ms
35ms Script
application/javascript 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/user-management/moment.min.js?v1637936125
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ec0b5be40b5a1182adcb16274da82c02e5345377475617cac1379c349be5b01f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:12 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 08:04:12 GMT
etag: W/"58824-1631779452000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: HIT
accept-ranges: bytes
content-length: 18606
expires: Sun, 28 Nov 2021 06:16:12 GMT

GET
H2 200 jsrsasign-latest-all-min.js Show response
www.bnnbloomberg.ca/js/user-management/ 257 KB
71 KB 36ms
35ms Script
application/javascript 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/user-management/jsrsasign-latest-all-min.js?v1637936125
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7c591d6ce1c5815598040b7cc117ec47c34ad42732975b991b06230f354d0336

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:12 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 08:04:12 GMT
etag: W/"263434-1631779452000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: HIT
accept-ranges: bytes
content-length: 72630
expires: Sun, 28 Nov 2021 06:16:12 GMT

GET
H2 200 ua-parser.min.js Show response
www.bnnbloomberg.ca/js/user-management/ 20 KB
7 KB 36ms
36ms Script
application/javascript 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/user-management/ua-parser.min.js?v1637936125
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fd48f17f80b82be30ff180c092ddd915df1817ac8baf02e1e5ecbd109f69c205

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:12 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 08:04:12 GMT
etag: W/"20031-1631779452000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: MISS
accept-ranges: bytes
content-length: 7420
expires: Sun, 28 Nov 2021 06:16:12 GMT

GET
H2 200 userManagement.js Show response
www.bnnbloomberg.ca/js/user-management/ 10 KB
2 KB 36ms
36ms Script
application/javascript 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/user-management/userManagement.js?v1637936125
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bdd637cb57b622e0d3cf03310ba679307825bfa31a60045ec8a2c6304bd1d7ce

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:12 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 08:04:12 GMT
etag: W/"10730-1631779452000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: HIT
accept-ranges: bytes
content-length: 2079
expires: Sun, 28 Nov 2021 06:16:12 GMT

GET
H2 200 the-robinhood-application-on-a-smartphone-arranged-in-hastings-on-hudson-new-york-u-s-on-friday-jan-29-2021-gamestop-corp-advanced-on-friday-and-was-on-track-to-recoup-much-of-thursday-s-11-billion...
www.bnnbloomberg.ca/polopoly_fs/1.1687753.1638030650!/fileimage/httpImage/image.jpg_gen/derivatives/landscape_620/ 53 KB
54 KB 36ms
31ms Image
image/jpeg 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bnnbloomberg.ca/polopoly_fs/1.1687753.1638030650!/fileimage/httpImage/image.jpg_gen/derivatives/landscape_620/the-robinhood-application-on-a-smartphone-arranged-in-hastings-on-hudson-new-york-u-s-on-friday-jan-29-2021-gamestop-corp-advanced-on-friday-and-was-on-track-to-recoup-much-of-thursday-s-11-billion-blow-after-robinhood-markets-inc-and-other-brokerages-eased-trading-restrictions-on-the-video-game-retailer-photographer-tiffany-hagler-geard-bloomberg.jpg
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2faf54b80c6fc31bc6cfb2dea6dda5889626226580d0962a3919519c24da3696

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
last-modified: Sat, 27 Nov 2021 16:30:50 GMT
x-vcache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 54547
expires: Mon, 27 Dec 2021 16:31:41 GMT

GET
H/1.1 200
OK 2021_7_26_147dae98-a498-4488-83d9-120b396228ec_jpg_756x424.jpg
images2.9c9media.com/image_asset/ 10 KB
10 KB 167ms
38ms Image
image/jpeg 23.204.138.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_7_26_147dae98-a498-4488-83d9-120b396228ec_jpg_756x424.jpg?height=135&width=240
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.138.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-138-74.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: 6e7270d024042e2bfcc738a018fe556a51095a9dde510b22521f1011b138a8d4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:13 GMT
Last-Modified: Wed, 10 Nov 2021 05:00:00 GMT
X-Powered-By: ASP.NET
ETag: "kuDuPtVGH7FnZTp0HS04DA=="
X-Varnish: 1059631739 1044284206
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1088944
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 10022
Expires: Fri, 10 Dec 2021 20:40:17 GMT

GET
H/1.1 200
OK 2021_6_29_21948c15-7048-4cc7-9b7a-a4e1866d62e7_jpg_980x551.jpg
images2.9c9media.com/image_asset/ 11 KB
11 KB 337ms
208ms Image
image/jpeg 23.204.138.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_6_29_21948c15-7048-4cc7-9b7a-a4e1866d62e7_jpg_980x551.jpg?height=135&width=240
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.138.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-138-74.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: cd0abd3be5093768ca57b1e5d5dbabe7fda09b8065760b808f94160a14e488be

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:13 GMT
Last-Modified: Sat, 13 Nov 2021 05:00:00 GMT
X-Powered-By: ASP.NET
ETag: "IC0hxuh+l0qh6qdjbnm7rA=="
X-Varnish: 1057553735 1068716025
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1360387
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 11037
Expires: Tue, 14 Dec 2021 00:04:20 GMT

GET
H/1.1 200
OK 2021_5_25_496125da-fc33-468b-9bf6-553d81ee2956_jpg_755x420.jpg
images2.9c9media.com/image_asset/ 8 KB
8 KB 165ms
37ms Image
image/jpeg 23.204.138.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_5_25_496125da-fc33-468b-9bf6-553d81ee2956_jpg_755x420.jpg?height=135&width=240
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.138.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-138-74.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: 99fd164ba37ba56f07a8da10bf227fbf80f1b139f7b1a43bcddfb7ffcca114c1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:13 GMT
Last-Modified: Fri, 05 Nov 2021 04:00:00 GMT
X-Powered-By: ASP.NET
ETag: "A3flGTSrfbVVXQqpbPicKg=="
X-Varnish: 1043409242 1018083448
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=625566
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 7925
Expires: Sun, 05 Dec 2021 11:57:19 GMT

GET
H/1.1 200
OK 2021_5_12_fe4dda83-893d-4ed6-ac18-a9c535b442e4_jpg_980x551.jpg
images2.9c9media.com/image_asset/ 9 KB
9 KB 169ms
41ms Image
image/jpeg 23.204.138.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_5_12_fe4dda83-893d-4ed6-ac18-a9c535b442e4_jpg_980x551.jpg?height=135&width=240
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.138.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-138-74.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: 6ac1c450bc9cc5b0b6bd0519fe95612309b67859cdbfed9e288b60e09c404217

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:13 GMT
Last-Modified: Sat, 13 Nov 2021 05:00:00 GMT
X-Powered-By: ASP.NET
ETag: "xMtWCrkQKsvzd4aNcRSDJQ=="
X-Varnish: 1057144634 1063012049
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1360560
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 8791
Expires: Tue, 14 Dec 2021 00:07:13 GMT

GET
H/1.1 200
OK 2021_4_30_4c6e47be-3473-44d1-ba26-a3cdbc5fd54d_jpg_980x551.jpg
images2.9c9media.com/image_asset/ 11 KB
11 KB 118ms
38ms Image
image/jpeg 23.204.138.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_4_30_4c6e47be-3473-44d1-ba26-a3cdbc5fd54d_jpg_980x551.jpg?height=135&width=240
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.138.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-138-74.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: 03862701caca12427fdc26a145ee29aa26fb5f1d09991d27957c008dbd0d3dae

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:13 GMT
Last-Modified: Tue, 09 Nov 2021 05:00:00 GMT
X-Powered-By: ASP.NET
ETag: "YHgjduE3141oOb0gEco9bA=="
X-Varnish: 1071305353 1046645262
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=984669
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 11112
Expires: Thu, 09 Dec 2021 15:42:22 GMT

GET
H/1.1 200
OK 2021_3_2_a056d666-1769-4101-96bf-bd39275dd430_jpg_980x551.jpg
images2.9c9media.com/image_asset/ 8 KB
9 KB 214ms
163ms Image
image/jpeg 23.204.138.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_3_2_a056d666-1769-4101-96bf-bd39275dd430_jpg_980x551.jpg?height=135&width=240
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.138.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-138-74.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: e295ca49c438f26cc28cc6ad767a86fb4b231e3a36b168133920dc99b2ea9d62

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:13 GMT
Last-Modified: Thu, 18 Nov 2021 05:00:00 GMT
X-Powered-By: ASP.NET
ETag: "pHG3NpuDDPTJZ1OeTIixbQ=="
X-Varnish: 20546260 7462632
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1731606
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 8404
Expires: Sat, 18 Dec 2021 07:11:19 GMT

GET
H2 200 plugins.min.js Show response
www.bnnbloomberg.ca/js/bellmedia/ 607 KB
176 KB 21ms
20ms Script
application/javascript 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/bellmedia/plugins.min.js?v1637936125
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 95341489d89aa8908b9abe2e7564d0fa12126317225ff006f626c8b38556b058

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:12 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 08:04:12 GMT
etag: W/"621522-1631779452000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: MISS
accept-ranges: bytes
content-length: 180077
expires: Sun, 28 Nov 2021 06:16:12 GMT

GET
H2 200 angular.min.js Show response
www.bnnbloomberg.ca/js/bellmedia/ 344 KB
93 KB 21ms
21ms Script
application/javascript 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/bellmedia/angular.min.js?v1637936125
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1294d18482911edd15526fb7a913e11ff77b52866fa729e7ec28d71bd8dfb238

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 08:04:12 GMT
etag: W/"352468-1631779452000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: HIT
accept-ranges: bytes
content-length: 95186
expires: Sun, 28 Nov 2021 06:16:13 GMT

GET
H2 200 bnn-bloomberg.min.js Show response
www.bnnbloomberg.ca/js/bellmedia/ 273 KB
58 KB 24ms
19ms Script
application/javascript 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/bellmedia/bnn-bloomberg.min.js?v1637936125
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0b7fde80bd21834b672eadbc97415c8e02f99375d4bd7eaed0cc78d3ecb8cd17

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 18:18:08 GMT
etag: W/"279304-1637864288000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: MISS
accept-ranges: bytes
content-length: 59155
expires: Sun, 28 Nov 2021 06:16:13 GMT

GET
H2 200 articles.min.js Show response
www.bnnbloomberg.ca/js/bellmedia/partials/common/ 1 KB
693 B 26ms
20ms Script
application/javascript 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/bellmedia/partials/common/articles.min.js?v1637936125
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b3916c96656bea206c1f5b3098e81544b462efdb59c1f293317844a42f0a6236

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 08:04:12 GMT
etag: W/"1200-1631779452000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: MISS
accept-ranges: bytes
content-length: 488
expires: Sun, 28 Nov 2021 06:16:13 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 109ms
22ms Script
application/javascript 23.41.188.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.41.188.28 Newark, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-41-188-28.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sun, 28 Nov 2021 06:11:13 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 bellmedia.js Show response
tru.am/scripts/custom/ 2 KB
2 KB 77ms
26ms Script
application/javascript 2606:4700:20::ac43:4af5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/custom/bellmedia.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4af5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7718eddcc9a003bd4d6e1f79b27a45ffa3adb6ade4ad7025cc84aa630402659f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=mSeUkw==, md5=Nfw5KaLMpvmXGCPDq6L+gg==
date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1253743
x-guploader-uploadid: ADPycdtvXVKAA_hr9bYtcw-QRKJdi0sK4-8ZB0jFs9zck3SjjcQjXgIoKJZ35YrVrq0gJfKy6jTFDTVBLOf6nX3eljXOUTNCKA
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 13 Oct 2021 17:55:18 GMT
server: cloudflare
etag: W/"35fc3929a2cca6f9971823c3aba2fe82"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FczvxDN4%2BVmS6lCA3jYa1YfW%2BaJx4%2Fbuavp6bkTXb%2F1djC46me9%2BAMkekLwYJNn%2FgQQOzw5zZ7170Uu55FEMBVYJA5vfcisLYLRehkPsSQUCjm3CKoYKrOFiY24%2FzPdS0Bnycw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634147718644655
content-type: application/javascript
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1756
cf-ray: 6b5170070cf4ecfe-YUL
expires: Sun, 13 Nov 2022 17:55:30 GMT

GET
H2 200 includeAuth3.js Show response
beta.ctvnews.ca/content/dam/static-resources/ 30 KB
7 KB 48ms
35ms Script
application/javascript 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://beta.ctvnews.ca/content/dam/static-resources/includeAuth3.js

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-175-140.deploy.static.akamaitechnologies.com

Software

Resource Hash

7d84c419bb39b3ef7ee04cce175b7b79ff638616976aab07ba909377bcc773b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdn.ampproject.org/ https://.ctvnews.ca https://.cms.9c9media.net/ https://use.fontawesome.com/ 'unsafe-inline' data: blob: https://adservice.google.com/ https://adservice.google.ca/ https://.casalemedia.com/ https://aax.amazon-adsystem.com/ https://.doubleclick.net/ https://.9c9media.com/ https://.9c9media.ca/ https://.bellmedia.ca/ https://.googlesyndication.com/ https://www.googletagservices.com/ https://.chartbeat.com/ https://.krxd.net/ https://.scorecardresearch.com/ 'unsafe-eval' https://.akamaized.net/ https://.gstatic.com/ https://.agkn.com/ https://smetrics.ctv.ca/ https://z.moatads.com/ https://px.moatads.com/ https://ssl.p.jwpcdn.com/ https://.googleapis.com/ https://entitlements.jwplayer.com/ https://.conviva.com/ https://.2mdn.net/ https://jwpltx.com/ http://.ctvnews.ca/ https://.chartbeat.net/ https://www.googletagservices.com/ https://.facebook.net/ https://.facebook.com/ https://.ampproject.net/ https://.twitter.com/ https://.instagram.com/ https://.twimg.com/ https://.adroll.com/ https://.turn.com/ https://.yahoo.com/ https://.advertising.com/ https://.everesttech.net/ https://.fbcdn.net https://.adform.net/ https://.betrad.com/ https://.evidon.com/ https://.youtube.com/ https://.akamaihd.net/ https://.jwpsrv.com/ https://assets.adobedtm.com/ https://.demdex.net/ https://bellmedia.sc.omtrdc.net/ https://bellmedia.hb.omtrdc.net https://.appspot.com/ https://www.adsrvr.org/ https://bellmedia.amp.permutive.com/ https://.permutive.com/ https://www.google/ads/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jul 2020 16:39:50 GMT
etag: "7835-5ab0a63722180"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=28239482
date: Sun, 28 Nov 2021 06:11:13 GMT
content-security-policy: default-src 'self' https://cdn.ampproject.org/ https://*.ctvnews.ca https://*.cms.9c9media.net/ https://use.fontawesome.com/ 'unsafe-inline' data: blob: https://adservice.google.com/ https://adservice.google.ca/ https://*.casalemedia.com/ https://aax.amazon-adsystem.com/ https://*.doubleclick.net/ https://*.9c9media.com/ https://*.9c9media.ca/ https://*.bellmedia.ca/ https://*.googlesyndication.com/ https://www.googletagservices.com/ https://*.chartbeat.com/ https://*.krxd.net/ https://*.scorecardresearch.com/ 'unsafe-eval' https://*.akamaized.net/ https://*.gstatic.com/ https://*.agkn.com/ https://smetrics.ctv.ca/ https://z.moatads.com/ https://px.moatads.com/ https://ssl.p.jwpcdn.com/ https://*.googleapis.com/ https://entitlements.jwplayer.com/ https://*.conviva.com/ https://*.2mdn.net/ https://jwpltx.com/ http://*.ctvnews.ca/ https://*.chartbeat.net/ https://www.googletagservices.com/ https://*.facebook.net/ https://*.facebook.com/ https://*.ampproject.net/ https://*.twitter.com/ https://*.instagram.com/ https://*.twimg.com/ https://*.adroll.com/ https://*.turn.com/ https://*.yahoo.com/ https://*.advertising.com/ https://*.everesttech.net/ https://*.fbcdn.net https://*.adform.net/ https://*.betrad.com/ https://*.evidon.com/ https://*.youtube.com/ https://*.akamaihd.net/ https://*.jwpsrv.com/ https://assets.adobedtm.com/ https://*.demdex.net/ https://bellmedia.sc.omtrdc.net/ https://bellmedia.hb.omtrdc.net https://*.appspot.com/ https://www.adsrvr.org/ https://bellmedia.amp.permutive.com/ https://*.permutive.com/ https://www.google/ads/;
accept-ranges: bytes
content-length: 6087
x-xss-protection: 1;mode=block
expires: Fri, 21 Oct 2022 02:29:15 GMT

GET
H2 200 omnitureTVE.js Show response
www.bnnbloomberg.ca/js/bellmedia/ 6 KB
2 KB 28ms
22ms Script
application/javascript 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/js/bellmedia/omnitureTVE.js?v1637936125
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dfefc713c8aa5219d62a4a95472c746c14dfcec3fade42c35b21ce8f4e493e48

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 08:04:12 GMT
etag: W/"5773-1631779452000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-vcache: HIT
accept-ranges: bytes
content-length: 1612
expires: Sun, 28 Nov 2021 06:16:13 GMT

GET
H2 200 jwplayer.js Show response
webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/ 111 KB
37 KB 37ms
33ms Script
application/javascript 23.217.28.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/jwplayer.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1637936125
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.28.32 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-28-32.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: 1604851710fbd4c91716919f1d1df3a0f8e60f41aae07bd708ca96062252ddd4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 15:06:14 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
content-length: 37263
expires: Sun, 28 Nov 2021 06:21:13 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 596 B
1 KB 436ms
107ms XHR
application/json 52.37.186.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=BB3937CB5B349FE70A495EAE%40AdobeOrg&d_nsid=0&ts=1638079873016

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.186.57 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-186-57.us-west-2.compute.amazonaws.com

Software

Resource Hash

d5f7079468948ddf969e6a4fb397a06775bcc1a5f73e9aa66adf5cc64a68bc3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-usw2-2-v017-057de1fa9.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: cX90ghyoQTk=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.bnnbloomberg.ca
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 441
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/ 33 KB
12 KB 35ms
32ms Script
application/x-javascript 2600:1400:d:586::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:586::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 92c5b25edbc4647c55be848b92ea22fd4618cc3252a2364025262e18a7430f84

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 21:04:01 GMT
server: AkamaiNetStorage
etag: "4635bffccc756e9a52eae8011adb9137:1629320641.842128"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12188
expires: Sun, 28 Nov 2021 07:11:13 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/ 3 KB
2 KB 36ms
32ms Script
application/x-javascript 2600:1400:d:586::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:586::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0821bd2158b7c2d4165a43a999f30fdc1dc977c6f216ae950298b0237189c0e2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 21:04:02 GMT
server: AkamaiNetStorage
etag: "8b210658d66894c896047ae490138f1c:1629320642.068491"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1593
expires: Sun, 28 Nov 2021 07:11:13 GMT

GET
H2 200 moatcontent.js Show response
z.moatads.com/bellmedia966Bwny69/ 0
257 B 22ms
19ms Script
application/x-javascript 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/bellmedia966Bwny69/moatcontent.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
last-modified: Fri, 26 Mar 2021 18:45:53 GMT
server: AmazonS3
x-amz-request-id: 4YR1Q7MTN6F5CY75
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: application/x-javascript
cache-control: max-age=23950
accept-ranges: bytes
content-length: 0
x-amz-id-2: o110xkkX9y+UVd7yQFnJXNZ8Z7LfzSfIRh5Y5MDzfs7fSEg+UmsI2Igy+BVqfZELXklJMOCO5QU=

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/3005664/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

19ms
19ms

Script
application/javascript

13.226.37.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Server: 13.226.37.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-38.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:02:50 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 504
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6377b6d44129cf483b7fc47ee1f9b05d.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-amz-cf-id: 6iHPzjopDUxbvTPz4UkomrZXlg9Uh_maBZ3Tz3WpgALzMiZfSwA_oQ==

Redirect headers

date: Sun, 28 Nov 2021 06:11:13 GMT
via: 1.1 6377b6d44129cf483b7fc47ee1f9b05d.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: ogefifQDlAgqyvs4HQ7qjwOzhLYjzg5QU3pZUVL9gRNoBX5S7WY6zA==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 106ms
38ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b477057fbd9238d77bfae7d31dd008148100c107e675c29f2662ad93a457aec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1057 / 759 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26859
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 28 Nov 2021 06:11:13 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 117 KB
38 KB 79ms
26ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software: nginx /
Resource Hash: c0fb763f2f2e80a902d63860360c9ae467315055f06d4ac3a8cf0bd5982573ef

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:13 GMT
server: nginx
etag: W/"618cb9a1-1d4ec"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Nov 2021 06:11:13 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
547 B 97ms
24ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183816
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: ee9856e4aaccecbaf5b1715e134c13fdfb0fb4731b4473337cbf98f58c56188c

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Tue, 28 Dec 2021 06:11:13 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 0
256 B 75ms
40ms XHR
text/plain 34.120.155.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.155.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.bnnbloomberg.ca
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 controltag Show response
cdn.krxd.net/ 28 KB
11 KB 54ms
11ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag?confid=InSaVlLc
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fb94f25440a627aef0324c8c4c694a78e8427fef4055643657e3f0107b92eb6e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Sun, 28 Nov 2021 06:11:13 GMT
via: 1.1 varnish, 1.1 varnish
age: 507
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 10432
x-served-by: config-service-a001-ash-prod.krxd.net, cache-bwi5152-BWI, cache-yul12828-YUL
x-response-time: 1
x-do-esi: esi
x-timer: S1638079873.251797,VS0,VE0
etag: "631e8323ef2584150acb9866c1f5741df37f762b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 25

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 233ms
116ms Script
application/x-javascript 2a03:2880:f065:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f065:e:face:b00c:0:3 Houston, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a69ce6c7cfb143eee6b93a86ca9e7f6d09fc06582c8995e054229b746264ee28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ptjwrpLDYmtxvebM2ZUu8A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: 7LO0nomNoJamhRdryFzH4pg6CRNCy/mvs/Vadb0D2fg17AGKurpVrMd0Fz9UJSyv3qKV6Bf5st4gbFNn+VCLJA==
x-fb-trip-id: 1679558926
x-fb-content-md5: be5b9f980396bff3c0bbad216513e663
x-frame-options: DENY
date: Sun, 28 Nov 2021 06:11:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "bc2b07e6f9020747b4f7780942e54614"
timing-allow-origin: *
expires: Sun, 28 Nov 2021 06:11:43 GMT

GET
H2 200 BNN-Sprites-x3.png
www.bnnbloomberg.ca/img/bnn/ 103 KB
103 KB 37ms
36ms Image
image/png 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bnnbloomberg.ca/img/bnn/BNN-Sprites-x3.png
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1637936125
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3c423060975a447c389133494d357ed141f474e4c8a2939a4f34047224ec5e3c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1637936125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
last-modified: Thu, 16 Sep 2021 08:04:12 GMT
etag: W/"105019-1631779452000"
x-vcache: MISS
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 105019
expires: Sun, 28 Nov 2021 06:16:13 GMT

GET
H2 200 preloader_black.svg
www.bnnbloomberg.ca/img/elements/preloaders/ 6 KB
2 KB 23ms
23ms Image
image/svg+xml 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bnnbloomberg.ca/img/elements/preloaders/preloader_black.svg?1579786406
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1637936125
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cf39400dc753631915a397967da2fde8d95e89f728e374a08d8c6fd10d4b5971

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1637936125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 08:04:12 GMT
etag: W/"6587-1631779452000"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
x-vcache: MISS
accept-ranges: bytes
content-length: 1362
expires: Sun, 28 Nov 2021 06:16:13 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 170ms
54ms Script
application/x-javascript 2a03:2880:f065:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f065:e:face:b00c:0:3 Houston, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: cXOSwOctuFOf+w8zfl1MwV1FFki5LOdqhOsPErkd8fFt0iCPkQasVSRWxilx62+vj+OPjuaNPWZLbHrGAUu+Lg==
x-fb-trip-id: 1679558926
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 28 Nov 2021 06:11:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 94ms
29ms Script
application/x-javascript 2600:141b:13::17d7:82d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82d1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 303
Date: Sun, 28 Nov 2021 06:11:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
X-EdgeConnect-MidMile-RTT: 1
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=43961
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 91ms
34ms Script
application/javascript 199.232.64.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.64.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 23:12:14 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kiad7000058-IAD, cache-wdc5530-WDC

GET
H2 200 video-play.png
www.bnnbloomberg.ca/img/icons/ 5 KB
5 KB 22ms
20ms Image
image/png 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bnnbloomberg.ca/img/icons/video-play.png
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1637936125
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 289d4b67d5b25037a74bf891dbd7db6fc946e56bbdb5946523e94322b296fa55

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1637936125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
last-modified: Thu, 16 Sep 2021 08:04:12 GMT
etag: W/"4936-1631779452000"
x-vcache: MISS
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4936
expires: Sun, 28 Nov 2021 06:16:13 GMT

GET
H/1.1 200
OK gigya.js Show response
cdns.gigya.com/js/ 0
301 B 86ms
19ms Script
text/javascript 23.52.162.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.gigya.com/js/gigya.js?apiKey=3_XLe6j4XtKn0CRHynAmTCyx8RZxX1brcJGNNjgzFIuFKCAqvkD4HVYHMykJ5z969V
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.36 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:13 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=900
Connection: keep-alive
x-robots-tag: none
Content-Length: 20
Expires: Sun, 28 Nov 2021 06:26:13 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 20ms
19ms Script
application/x-javascript 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 3BDAE1FAB05E52F4
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=16723
accept-ranges: bytes
content-length: 948
x-amz-id-2: JQEtOEyiFCqCP1YLI1OIPGBGUg/WHgpDv22+z5rvn/G8szLTqEelRVwbxuu0H6mk2GphOf1hSec=

GET
H2 200 ta-pagesocial-sdk.js Show response
tru.am/scripts/ 27 KB
11 KB 24ms
23ms Script
text/javascript 2606:4700:20::ac43:4af5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/custom/bellmedia.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4af5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dbc3f1a033b6733e96a5af1bc89d6f8ab68a5d533dcad72d56bd019e3b5b6b5

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=189alg==, md5=Aq8QqpKO913oQSpg0Lh6TA==
date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1096322
x-guploader-uploadid: ADPycdveoYfZKDK37O20HlodjRQFjl49B1Ojv5oUYqP2TUXHkqRzxgFXqEPXiwSsyf29NKoedE-LqE7yak6fAuCi0OddltM1Mg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 11 Nov 2020 17:32:38 GMT
server: cloudflare
etag: W/"02af10aa928ef75de8412a60d0b87a4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gtk1d6OyOvHo%2FKfdv18DfZJhEuJlzlWk%2BJhF6ra%2BIXlUEQsRFVyY5XLN%2F1wjE38iKsBY5lSvnMnB5LOBj8F7sH0a579dvzuAShkIeTSgrtiIivFl2otZKsW5smFOlgceVux2Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1605115958819708
content-type: text/javascript
cache-control: public, max-age=2678400
x-goog-stored-content-length: 27827
cf-ray: 6b517008bde7ecfe-YUL
expires: Mon, 15 Nov 2021 14:39:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
21ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2297
date: Sun, 28 Nov 2021 05:32:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 28 Nov 2021 07:32:56 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 24ms
23ms Script
application/x-javascript 2600:9000:21da:bc00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:bc00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e916d6f3c9c316368f99463951a426d09d4ddd223e961652728b519efb11e772

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 04:40:31 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:28:27 GMT
server: nginx
age: 5442
etag: W/"6179eeab-11377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 6840113c714f694919508fbd89b7f29d.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: EWR53-C1
x-amz-cf-id: i73aFT6_3aeFDyudWG_W02uZKpO0dJj7ApaEkS2oaEf_78oTYq05Cw==
expires: Sun, 28 Nov 2021 06:40:31 GMT

GET
H2 200 RCe714d7b84ce14ee0a28df675bbd5cf5b-source.min.js Show response
assets.adobedtm.com/653e7ca2fc48/14929d193258/869c4a7694fa/ 478 B
556 B 24ms
23ms Script
application/x-javascript 2600:1400:d:586::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/653e7ca2fc48/14929d193258/869c4a7694fa/RCe714d7b84ce14ee0a28df675bbd5cf5b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:586::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 305bc935e48e488ba598f584b0d0f544a296f1145dda94cee66c2cf1988fa81a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 20:13:10 GMT
server: AkamaiNetStorage
etag: "d461ec35bf59d6e9b8a3900a494c0acb:1635970390.921375"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 288
expires: Sun, 28 Nov 2021 07:11:13 GMT

GET
H2 200 RC2d6da016bf28471c8bc669fb84568d84-source.min.js Show response
assets.adobedtm.com/653e7ca2fc48/14929d193258/869c4a7694fa/ 512 B
596 B 24ms
24ms Script
application/x-javascript 2600:1400:d:586::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/653e7ca2fc48/14929d193258/869c4a7694fa/RC2d6da016bf28471c8bc669fb84568d84-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:586::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b364ae02328a727badd573c04bac17e95abdcb7fd9be61fc7f3d15dff162b7a1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 20:13:10 GMT
server: AkamaiNetStorage
etag: "d461ec35bf59d6e9b8a3900a494c0acb:1635970390.921375"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 328
expires: Sun, 28 Nov 2021 07:11:13 GMT

GET
H/1.1 200
OK contents Show response
capi.9c9media.com/destinations/bnn_web/platforms/desktop/collections/273/ 137 KB
22 KB 88ms
30ms XHR
application/json 23.217.28.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.9c9media.com/destinations/bnn_web/platforms/desktop/collections/273/contents?$include=[Images,Desc,ShortDesc,BroadcastDate,Type,BroadcastTime,ContentPackages,Media,Keywords,Genres,Tags]&$page=1&$top=100&$inlinecount=&Images.Type=thumbnail
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1637936125
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.28.32 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-28-32.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 69cb77a93b61591eefb407ae7866479895a6a383f663b9db60f14875f10f9546

Request headers

Accept: */*
Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Home: 9c9-axis-capi-19
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Date: Sun, 28 Nov 2021 06:11:13 GMT
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Accept, X-FORWARDED-FOR, Home, authorization
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 21679
Expires: Sun, 28 Nov 2021 06:11:13 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-50ec42877c97615a/ 917 B
565 B 40ms
39ms Script
application/javascript 23.41.188.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-50ec42877c97615a/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.188.28 Newark, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-188-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bf8436a515e4055bc63645c9eb3a2086fafbfdb45128a4d6e0eed96d16e78203

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
etag: -1696646022--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=55, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 388

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 101 B
985 B 107ms
95ms Script
application/javascript 23.41.188.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61a31d81c6e5a0d3&bkl=0&bl=1&pdt=237&sid=61a31d81c6e5a0d3&pub=ra-50ec42877c97615a&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.bnnbloomberg.ca&fp=when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Technology%2CBloomberg%2CCompany%20News&colc=1638079873515&jsl=131073&uvs=61a31d81c33a7d93000&skipb=1&callback=addthis.cbs.jsonp__52486440852863780
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.188.28 Newark, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-188-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74e4d6706cbd43c6d560651e13945f1da3e54d73244038547a40c70c97c0e455

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:13 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
p3p: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
content-length: 101
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame B027 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 912C 71 KB
26 KB 29ms
29ms Document
text/html 23.41.188.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.41.188.28 Newark, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-41-188-28.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

55d783462e6671fa985a6b0829db15474f4e57f0555c93e15cc2db6a1d1e6cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sun, 28 Nov 2021 06:11:13 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 pxid Show response
289d106c-df24-4cd9-a9fa-753e928c23ad.prmutv.co/v2.0/ 46 B
456 B 130ms
100ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://289d106c-df24-4cd9-a9fa-753e928c23ad.prmutv.co/v2.0/pxid?k=b1a4360a-3db9-4b39-b09d-c3e14666840a
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 922372ef42f67f64319797e5d75799ceeb6e58bb937a4ba2cdc2c680b2cc451a

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.bnnbloomberg.ca
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 66
via: 1.1 google

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
695 B 60ms
20ms XHR
application/json 68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.permutive.com
URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 28 Nov 2021 06:11:13 GMT
X-Proxy-Origin: 37.120.205.170; 37.120.205.170; 575.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 4f31736c-38ee-4cf1-a773-efa6c8bcfaa1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bnnbloomberg.ca
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 289d106c-df24-4cd9-a9fa-753e928c23ad-models.bin Show response
cdn.permutive.com/models/v2/ 72 KB
49 KB 51ms
28ms XHR
application/x-binary 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/models/v2/289d106c-df24-4cd9-a9fa-753e928c23ad-models.bin
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09ab6064be679e021cca9088f5d75911c9e49071affef1fbecbb1cda249f9672

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-oid: 289d106c-df24-4cd9-a9fa-753e928c23ad
age: 1782
x-guploader-uploadid: ADPycduTTaZA1K-Dn2hypchrBl4W9SiNFiuSoke43FKWac2a5BxzTECiMDxkLAJ-7ueDlE1ra4g2e6UDw_UtWMQ6D8z9H7p0Wg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/x-binary
content-length: 49629
last-modified: Sat, 27 Nov 2021 06:02:40 GMT
server: cloudflare
etag: "2aeabde7ab2ff4dd3e484632b8d5a760"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=1H7s+Q==, md5=Kuq956sv9N0+SEYyuNWnYA==
x-goog-generation: 1637992960041111
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300, no-transform
x-goog-stored-content-length: 49629
accept-ranges: bytes
cf-ray: 6b517009eb40ece6-YUL
expires: Sun, 28 Nov 2021 04:50:58 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 231 B
422 B 133ms
100ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=b1a4360a-3db9-4b39-b09d-c3e14666840a
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 7dab178448290684b997c05ad99d6a791e54b013b215fc528907e243ba890389

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.bnnbloomberg.ca
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 163
via: 1.1 google

GET
H/1.1 200
OK dest5.html Show response
bellmedia.demdex.net/ Frame CDCE 7 KB
3 KB 442ms
104ms Document
text/html 52.37.186.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bellmedia.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN8508e1965b004de29de2dbd977d7156a.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.186.57 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-186-57.us-west-2.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sun, 28 Nov 2021 06:11:13 GMT
DCS: dcs-prod-usw2-1-v017-0f1b2c0d9.edge-usw2.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 26 Nov 2021 14:01:08 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: wsX4D8LnTsg=
Content-Length: 2791
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YaMdgQAAALyuUQPl
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=62343979600873580793747237977899911040
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YaMdgQAAALyuUQPl

42 B
945 B

107ms
107ms

Image
image/gif

52.37.186.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YaMdgQAAALyuUQPl

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

HTTP/1.1

Server

52.37.186.57 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-186-57.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v017-01ee62958.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: aWTDBsZISsU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YaMdgQAAALyuUQPl
Date: Sun, 28 Nov 2021 06:11:13 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 353 B
529 B 155ms
54ms Script
text/html 3.138.71.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-GKKOVythgEwLgg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&pcode=bellmediaprebidheader755367530455&rx=529378786612&callback=MoatNadoAllJsonpRequest_77183632
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/bellmediaprebidheader755367530455/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.138.71.180 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-138-71-180.us-east-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: fa1be5af69f5a893cc18f176431ab54d5f016fd4fa28ecf13eb6709ce4d4b0f6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "ba03e9a9356d2ba97dcdaf6698bfb5d176f9206d"
content-length: 353
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 100 B
275 B 130ms
40ms Script
text/html 3.143.162.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-GKKOVythgEwLgg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&pcode=bellmediaprebidheader755367530455&rx=529378786612&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=BELLMEDIA_PREBID_HEADER1&hp=1&wf=1&pxm=2&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1638079873582&de=974765743701&m=0&ar=7e5b6a28623-clean&iw=ed14c44&q=1&cb=0&cu=1638079873582&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&cm=1&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatDomain=undefined&zMoatSubdomain=undefined&dfp=&la=undefined&gw=bellmediaprebidheader755367530455&fd=1&ac=1&it=500&pe=1%3A544%3A544%3A0%3A865&fs=195763&na=1364131265&cs=0&callback=MoatDataJsonpRequest_77183632
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/bellmediaprebidheader755367530455/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.162.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-143-162-26.us-east-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: e20dbdcb8e963b424c0cb14146fb0455a844930c36630f3e1d0b1dd97a6a2d88

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "ab33f2abca76eb61fffbf0f7d77ba55c0e74704a"
content-length: 100
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame 261F 1 KB
2 KB 19ms
19ms Document
text/html 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/bellmediaprebidheader755367530455/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/

Response headers

x-amz-id-2: cF9yoGhpM/XkWOHxbjZi6wEIYSI26cOOPnQ+bqWVraiLrn1zjgezsK2L/tfkOFGTEEIyRa3DfmU=
x-amz-request-id: 4FAD9F05DA35E499
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
accept-ranges: bytes
content-type: text/html
content-length: 1374
server: AmazonS3
cache-control: max-age=1064
date: Sun, 28 Nov 2021 06:11:13 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 85ms
24ms Script
application/javascript 54.192.160.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/bnn-bloomberg.min.js?v1637936125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-160-42.ewr53.r.cloudfront.net
Software: Server /
Resource Hash: d8c62b0d4ac621bedd0ca5a4e96b12a77118338d4166f94d65c15bb154d455aa

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 00:34:12 GMT
content-encoding: gzip
age: 20220
x-cache: Hit from cloudfront
timing-allow-origin: *
server: Server
x-amz-rid: 1PTJ5ZS73JF5507BTVXB
etag: 4da12c74ee926b2a11a4e43bfb72b2fd
vary: Accept-Encoding
x-amz-version-id: 4VmutqpMSKe44XUliQiub0_OOWAXoLbl
via: 1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: futQfPL8SpRuwj011eFsX_CFablkaRrZQjD4WISsrZ_fdiJRlYoo5Q==

GET
H2 200 controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727 Show response
cdn.krxd.net/ctjs/ 249 KB
80 KB 10ms
10ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag?confid=InSaVlLc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
age: 14930394
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 875760
content-length: 81295
x-served-by: cache-yul12828-YUL
last-modified: Wed, 11 Mar 2020 14:15:55 GMT
x-timer: S1638079874.660980,VS0,VE0
etag: "e4cdf7ad64ebac73f207c1ce55cc1727"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sat, 09 Mar 2030 14:15:54 GMT

GET
BLOB 200
OK b62d8682-a623-428d-891d-f5e2dc9de7c7
https://www.bnnbloomberg.ca/ 144 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bnnbloomberg.ca/b62d8682-a623-428d-891d-f5e2dc9de7c7
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcc3eec1d7856056d823ddc2295c8841072f079987b11699d6e73bbec9ec1054

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 147680

GET
BLOB 200
OK b9a85838-f917-4941-9987-59f6dc8564c1
https://www.bnnbloomberg.ca/ 22 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bnnbloomberg.ca/b9a85838-f917-4941-9987-59f6dc8564c1
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cf8f98a206709b583ce9aa7723208619213f92a0afeef0fb501709699f9c8d3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 22489

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 234 B
532 B 136ms
93ms XHR
application/json 2a04:4e42:400::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=bnnbloomberg.ca&domain=bnnbloomberg.ca&path=%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 83fb1c8cf4cc7306a544852a928197c3cbca6a13afd4a1ee04159b05d3d8437c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
x-cache-hits: 0
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 178
x-served-by: cache-yul12828-YUL
access-control-allow-origin: *
x-timer: S1638079874.712033,VS0,VE83
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Fri, 26 Nov 2021 06:11:13 GMT

GET
H2 200 s45892197749756
bellmedia.sc.omtrdc.net/b/ss/bellmediabnnbprod,bellmediaglobalprod/1/JS-2.22.1-LBWB/ 43 B
394 B 334ms
105ms Image
image/gif 52.40.172.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bellmedia.sc.omtrdc.net/b/ss/bellmediabnnbprod,bellmediaglobalprod/1/JS-2.22.1-LBWB/s45892197749756?AQB=1&ndh=1&pf=1&t=28%2F10%2F2021%206%3A11%3A13%200%200&mid=62305586995734422793815321703059684120&aamlh=9&ce=UTF-8&pageName=bnnb%3Ahome%3Awhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%3Astory&g=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&cc=USD&ch=home&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&h1=home%2Cwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%2Cstory&c5=web%20page&v5=web%20page&c6=home&v6=home&c7=when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&v7=when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&c8=story&v8=story&c12=anonymous&v12=anonymous&c30=web&v30=web&v38=%20-%20&c42=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&v42=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&c50=page%20view&v50=page%20view&v68=sunday%2006%3A11%20am&c69=bnnb&v69=bnnb&v91=bnnb%3Ahome%3Awhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%3Astory&v93=2021-11-28&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=BB3937CB5B349FE70A495EAE%40AdobeOrg&AQE=1

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.40.172.46 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-172-46.us-west-2.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
x-content-type-options: nosniff
x-c: main-1542.If2e2aa.M0-523
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 29 Nov 2021 06:11:13 GMT
server: jag
xserver: anedge-7df84fc876-8m6nw
etag: 3517749743379644416-4619580910384260079
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sat, 27 Nov 2021 06:11:13 GMT

GET
H2

200

/
p.adsymptotic.com/d/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2254610&time=1638079873686&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2254610&time=1638079873686&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&cooki...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2254610%26time%3D1638079873686%26url%3Dhttps%253A%252F%252Fwww.bnnbloomberg.ca%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2254610&time=1638079873686&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&cooki...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2254610&time=1638079873686&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&cook...
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e4c2f23c-757d-4b1a-8b4e-a463ed81c0e2
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e4c2f23c-757d-4b1a-8b4e-a463ed81c0e2&_expected_cookie=6f50645016a08e4d7481a92f...

43 B
142 B

45ms
45ms

Image
image/gif

104.18.102.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e4c2f23c-757d-4b1a-8b4e-a463ed81c0e2&_expected_cookie=6f50645016a08e4d7481a92f9cbe3197
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Server: 104.18.102.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b51700f1a5c714a-YUL
p3p: CP='NON DSP COR CONi OUR BUS CNT'
content-type: image/gif
content-length: 43

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e4c2f23c-757d-4b1a-8b4e-a463ed81c0e2&_expected_cookie=6f50645016a08e4d7481a92f9cbe3197
date: Sun, 28 Nov 2021 06:11:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b51700e9a0d714a-YUL
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 94ms
39ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 28 Nov 2021 06:11:13 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 71 B
708 B 91ms
34ms XHR
application/json 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bnnbloomberg.ca

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

ea3c429f53f4e67351faa29f143649cbe6c6f1662e7ab88cb9337c6a6616d1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72
x-xss-protection: 0
expires: Sun, 28 Nov 2021 06:11:13 GMT

GET
H3 200 260030771280344 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 119ms
59ms Script
application/x-javascript 2a03:2880:f065:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/260030771280344?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f065:e:face:b00c:0:3 Houston, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5bc79b024d0439ddebcee051d3b5a1a8d82a7dcb2948bba25165ba14ec562c1f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88864
x-xss-protection: 0
pragma: public
x-fb-debug: CXlDevAuzrRZG2Gyl4Kvg91bPh0095WX2cV9jTOyU8xxymHzlKWLZBiXg6974g6IRNBqipKupFJ+eDNCMs/X2Q==
x-frame-options: DENY
date: Sun, 28 Nov 2021 06:11:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 290 KB
82 KB 116ms
60ms Script
application/x-javascript 2a03:2880:f065:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=4b920ad93d8c7813e0a90c0f8c3bae92

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f065:e:face:b00c:0:3 Houston, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

79b39241d3233e7f06628d8bb684a61e85cb120ad0b4a4bd31673b5228d688ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bnnbloomberg.ca/
Origin: https://www.bnnbloomberg.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: H9a54+jB1rc5Tmo7pozM7A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 84323
x-fb-rlafr: 0
x-fb-debug: muyPK4nqsexbBQnu+4gmIRK2ryDTbsQ5/uvw5AfYKJKUN8kCXFryWiBjatSUmqJQdzT/5CJ8Ylw0i9w5OApYwQ==
x-fb-content-md5: ce9e73b35a44c8910124216d98da6a8b
x-frame-options: DENY
date: Sun, 28 Nov 2021 06:11:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "2d08430b9649aac51dbb161cec525a16"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 28 Nov 2022 05:51:43 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
675 B 150ms
57ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o49jr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=c3568715-0633-44db-9745-e969802e5e30&tw_document_href=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 9
pragma: no-cache
last-modified: Sun, 28 Nov 2021 06:11:13 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d4455e3fa2c6aa1aed6748419a58f396195af54de0567bfc14ce4f1ac3f6bf79
x-transaction: 96e088f74793c4e4
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
469 B 167ms
54ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o49jr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=c3568715-0633-44db-9745-e969802e5e30&tw_document_href=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 8
pragma: no-cache
last-modified: Sun, 28 Nov 2021 06:11:13 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 3148fc215ba87848e13d170d598343f6c9d04aa0c51070e236f616a7ccb06499
x-transaction: b8cb1070acb651b3
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 200 identify Show response
api.permutive.com/v2.0/ 50 B
329 B 127ms
105ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=b1a4360a-3db9-4b39-b09d-c3e14666840a
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: b75407bea5ef888425779a54f2dce36419e39863edd48d5cb9508df0dc62402e

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.bnnbloomberg.ca
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 70
via: 1.1 google

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005664&cs_it=b2&cv=3.8.0.210223&ns__t=1638079873781&ns_c=UTF-8&c7=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005664&cs_it=b2&cv=3.8.0.210223&ns__t=1638079873781&ns_c=UTF-8&c7=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a...

0
225 B

26ms
26ms

Image
text/plain

13.226.37.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005664&cs_it=b2&cv=3.8.0.210223&ns__t=1638079873781&ns_c=UTF-8&c7=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&c8=When%20a%20Hacker%20Calls%3A%20How%20Robinhood%20Fell%20Victim%20to%20a%20Vishing%20Raid%20-%20BNN%20Bloomberg&c9=
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Server: 13.226.37.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-38.ewr53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
via: 1.1 6377b6d44129cf483b7fc47ee1f9b05d.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: 1NW_lcPEJuOqKNSYQWr8_5I9wsABOzmwRYbSZHvMkpwjzvsq1zgGAA==
x-cache: Miss from cloudfront

Redirect headers

date: Sun, 28 Nov 2021 06:11:13 GMT
via: 1.1 6377b6d44129cf483b7fc47ee1f9b05d.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=3005664&cs_it=b2&cv=3.8.0.210223&ns__t=1638079873781&ns_c=UTF-8&c7=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&c8=When%20a%20Hacker%20Calls%3A%20How%20Robinhood%20Fell%20Victim%20to%20a%20Vishing%20Raid%20-%20BNN%20Bloomberg&c9=
content-length: 360
x-amz-cf-id: xIa1sazvAyiqcSBv06a6VgYkC7PSDRmxKpIKBHXPsqX8_sHNNiElOg==

GET
H2 200 autoplay-off.json Show response
webapps.9c9media.com/config/vidi-player/v1/bnn-jwt/ 33 KB
9 KB 69ms
22ms XHR
application/json 23.217.28.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://webapps.9c9media.com/config/vidi-player/v1/bnn-jwt/autoplay-off.json
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1637936125
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.28.32 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-28-32.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: a5d172dfaec916385b694fc9d81e68b3d48b230761d6950bb62a05f27925e417

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 11:05:07 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
content-length: 8595
expires: Sun, 28 Nov 2021 06:21:13 GMT

GET
H/1.1 200
OK 2021_11_26_ef812d0b-21d8-4428-a3ee-0fc42d49bb5d_png_680x377.jpg
images2.9c9media.com/image_asset/ 4 KB
4 KB 28ms
27ms Image
image/jpeg 23.204.138.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_11_26_ef812d0b-21d8-4428-a3ee-0fc42d49bb5d_png_680x377.jpg?width=140&height=79
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.138.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-138-74.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: 72785f914cd462fef814108680a736287c28afe42872c39804f9b37c81c3f32d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:13 GMT
Last-Modified: Fri, 26 Nov 2021 05:00:00 GMT
X-Powered-By: ASP.NET
ETag: "YpySF8Obsj3QHBASyxgyOw=="
X-Varnish: 68396176 58981270
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2476746
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 3725
Expires: Sun, 26 Dec 2021 22:10:19 GMT

GET
H/1.1 200
OK 2021_11_26_fbfa9602-dbcc-4399-8584-4ada5cc7da74_png_678x378.jpg
images2.9c9media.com/image_asset/ 4 KB
4 KB 31ms
31ms Image
image/jpeg 23.204.138.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_11_26_fbfa9602-dbcc-4399-8584-4ada5cc7da74_png_678x378.jpg?width=140&height=79
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.138.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-138-74.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: 8f87349661e64e1cd60f19859016fa3f16bf24855fc76f091c96ba07e3e3ac8e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:13 GMT
Last-Modified: Fri, 26 Nov 2021 05:00:00 GMT
X-Powered-By: ASP.NET
ETag: "ZatYQZOJf71Wb6A2io74jA=="
X-Varnish: 66265400
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2477467
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 3845
Expires: Sun, 26 Dec 2021 22:22:20 GMT

GET
H/1.1 200
OK 2021_11_26_cbc1dff6-3ef8-4668-9783-7a7f53d85410_png_680x380.jpg
images2.9c9media.com/image_asset/ 4 KB
4 KB 29ms
28ms Image
image/jpeg 23.204.138.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_11_26_cbc1dff6-3ef8-4668-9783-7a7f53d85410_png_680x380.jpg?width=140&height=79
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.138.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-138-74.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: 4e38c31aeabb853b87a852e8e145480db4f99d78f509bf9dfccabefb4a5f6788

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:13 GMT
Last-Modified: Fri, 26 Nov 2021 05:00:00 GMT
X-Powered-By: ASP.NET
ETag: "DjVJgcS67RJFitQ62+4kag=="
X-Varnish: 68055841
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2477949
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 3830
Expires: Sun, 26 Dec 2021 22:30:22 GMT

GET
H/1.1 200
OK 2021_11_26_0e37356a-14cb-48e1-8b3f-c8795053e091_png_679x375.jpg
images2.9c9media.com/image_asset/ 4 KB
5 KB 24ms
23ms Image
image/jpeg 23.204.138.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_11_26_0e37356a-14cb-48e1-8b3f-c8795053e091_png_679x375.jpg?width=140&height=79
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.138.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-138-74.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: 06506b549281c8457ff1ea41203aed36e46da8a2aa51eb58978d86b146a0e040

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:13 GMT
Last-Modified: Fri, 26 Nov 2021 05:00:00 GMT
X-Powered-By: ASP.NET
ETag: "meL/mY9p8te6q07MSoYvIg=="
X-Varnish: 67139807 68157148
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2473899
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 4426
Expires: Sun, 26 Dec 2021 21:22:52 GMT

GET
H/1.1 200
OK 2021_11_26_41f55f0a-98eb-464a-80c3-df4c300d5885_jpg_980x551.jpg
images2.9c9media.com/image_asset/ 4 KB
5 KB 29ms
29ms Image
image/jpeg 23.204.138.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_11_26_41f55f0a-98eb-464a-80c3-df4c300d5885_jpg_980x551.jpg?width=140&height=79
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.138.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-138-74.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: b97c699947499350bbff769980ea0a01ffc1fffa62966a403e05078fe8ba480d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:13 GMT
Last-Modified: Fri, 26 Nov 2021 05:00:00 GMT
X-Powered-By: ASP.NET
ETag: "Muu5YXZdP8G2PHMKD+1Akw=="
X-Varnish: 67158910 68050857
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2476659
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 4465
Expires: Sun, 26 Dec 2021 22:08:52 GMT

GET
H2 200 preloader_black_video.gif
www.bnnbloomberg.ca/img/elements/preloaders/ 7 KB
8 KB 21ms
20ms Image
image/gif 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bnnbloomberg.ca/img/elements/preloaders/preloader_black_video.gif
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8733ad4061e0afc25916e6154d2249da919d8ae5d0b113cda5368ec41d480f03

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
last-modified: Thu, 16 Sep 2021 08:04:12 GMT
etag: W/"7622-1631779452000"
x-vcache: MISS
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7622
expires: Sun, 28 Nov 2021 06:16:13 GMT

GET
H2 200 BNN-Sprites_smaller.png
www.bnnbloomberg.ca/img/bnn/ 80 KB
81 KB 23ms
23ms Image
image/png 23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bnnbloomberg.ca/img/bnn/BNN-Sprites_smaller.png
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1637936125
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f5e038d94254f00ca0c849d9d312b9024811735c4531745167d7b4fa5fe24bfe

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/css/bnn-bloomberg/style.css?v1637936125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:13 GMT
last-modified: Thu, 16 Sep 2021 08:04:12 GMT
etag: W/"82160-1631779452000"
x-vcache: MISS
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 82160
expires: Sun, 28 Nov 2021 06:16:13 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 27ms
27ms Script
application/javascript 23.41.188.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.41.188.28 Newark, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-41-188-28.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 28 Nov 2021 06:11:13 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 64ms
34ms XHR
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=655402997&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&ul=en-us&de=UTF-8&dt=When%20a%20Hacker%20Calls%3A%20How%20Robinhood%20Fell%20Victim%20to%20a%20Vishing%20Raid%20-%20BNN%20Bloomberg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1788825281&gjid=1528504364&cid=1887333569.1638079874&tid=UA-19846804-1&_gid=766448530.1638079874&_r=1&_slc=1&z=698274863

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 77ms
24ms Image
image/gif 54.165.183.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=bnnbloomberg.ca&p=%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&u=BbYvINUiwx5CxBqb9&d=bnnbloomberg.ca&g=65778&g0=Technology&g1=Annie%20Massa%2C%20William%20Turton%20and%20Jack%20Gillum%2C%20Bloomberg%20News&n=1&f=00001&c=0&x=0&m=0&y=2863&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1410&t=D0ud4OBkTQZKCGqhB-C0vpx_CVx6rw&V=129&i=When%20a%20Hacker%20Calls%3A%20How%20Robinhood%20Fell%20Victim%20to%20a%20Vishing%20Raid%20-%20BNN%20Bloomberg&tz=0&sn=1&sv=T_wif3kQathBSq9DsU36DD63EJr&sd=1&im=067b0fff&_
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.183.227 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-183-227.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:14 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame 7A63 805 B
827 B 11ms
10ms Document
text/html 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 28 Nov 2021 06:11:13 GMT
via: 1.1 varnish
age: 14930393
x-served-by: cache-yul12828-YUL
x-cache: HIT
x-cache-hits: 3271524
x-timer: S1638079874.976021,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

POST
H2 204 beacon
beacon.tru.am/ 0
0 89ms
52ms Fetch 2606:4700:20::ac43:4af5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.tru.am/beacon
Requested by: Host: tru.am
URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4af5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:14 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
surrogate-control: no-store
vary: Origin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WJ25GM96HThDCRqpRQ46edq8vRmRuo37TJmNIJfSCuovP4Q4uJu3M9PZO3l7RtbJmfZZzIMJy36CjJOVoxU4Pt8gXXiaoJXsKnP41Z3eUm8PDsvEF9MFhSM2eRfzu7QtCDXsm6zquaJkh0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 6b51700ccaee4bb9-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 web-prod.json Show response
webapps.9c9media.com/config/vidi-chromecast/v2/bnn/ 12 KB
4 KB 25ms
24ms XHR
application/json 23.217.28.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://webapps.9c9media.com/config/vidi-chromecast/v2/bnn/web-prod.json
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1637936125
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.28.32 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-28-32.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: 53f7413e39db9b8bbe9e7b68bbc5fa1bb3420bc9b0c8bdbd226ab1cb1717fdeb

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 11:04:57 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
content-length: 3659
expires: Sun, 28 Nov 2021 06:21:14 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 382 B
743 B 23ms
23ms XHR
application/json 54.192.160.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3733&u=https%3A%2F%2Fwww.bnnbloomberg.ca
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-160-42.ewr53.r.cloudfront.net
Software: Server /
Resource Hash: 445c5b1a5101c7fa764dde6153130716037b5414630812d4dae54cd966e4342c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 02:33:21 GMT
via: 1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
server: Server
age: 13073
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-length: 382
x-amz-cf-id: W0GmrW8Iud9f8q2pZkS-gPh35xSzkbpO0eJQLmm8TrdJjVg9fvO-5Q==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 187 B
660 B 160ms
159ms XHR
text/javascript 54.192.160.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3733&u=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&pid=F6BE72ymDJ65p&cb=0&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22leaderboard-ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F5479%2Fctv.bnn%2FTechnology%2FArticle%2Fleaderboard-ad%22%7D%2C%7B%22sd%22%3A%22fluid-ad%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5479%2Fctv.bnn%2FTechnology%2FArticle%2Ffluid-ad%22%7D%2C%7B%22sd%22%3A%22adSlimCut%22%2C%22s%22%3A%5B%2230x1%22%5D%2C%22sn%22%3A%22%2F5479%2Fctv.bnn%2FTechnology%2FArticle%2FadSlimCut%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.160.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-160-42.ewr53.r.cloudfront.net

Software

Server /

Resource Hash

202667ba9aad8ee0d2389f97571cb915b8c5178c9849a0197e5eaefa087ab3b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
via: 1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: EWR53-C3
x-amz-rid: 28BWR7J0EP5QSWT9EYSA
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bnnbloomberg.ca
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 187
x-amz-cf-id: hpj3w4gnZqc63FH5VR0O-Snrkm13_SFocOLvLdZey6UXJAT_2UPq3g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
7 KB 69ms
24ms XHR
application/javascript 54.192.160.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-160-42.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 01:42:39 GMT
via: 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
age: 16116
x-cache: Hit from cloudfront
content-length: 6482
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
etag: "a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: hvNV07ba6JLkYBvIlFK_9w76Z9GomrsP3RxHROl63ymE84OXuFNnag==

GET
H3 200 417766778714379 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 61ms
60ms Script
application/x-javascript 2a03:2880:f065:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/417766778714379?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f065:e:face:b00c:0:3 Houston, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0abbf99ebcac3171e52de6584fdbcffa53b701db7640c712cf34d42341b0a49e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89266
x-xss-protection: 0
pragma: public
x-fb-debug: fvCRhtbY/i9gSps79ls54+kGbP9a+UoD9jKcmYhs+rPkoz+VfkFfYIYkBcI75uLPFw3GgBJxE5ROPZhi65S9+w==
x-frame-options: DENY
date: Sun, 28 Nov 2021 06:11:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
442 B 127ms
52ms XHR
text/plain 2607:f8b0:4023:1404::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-19846804-1&cid=1887333569.1638079874&jid=1788825281&gjid=1528504364&_gid=766448530.1638079874&_u=IEBAAEAAAAAAAC~&z=1125587429

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 28 Nov 2021 06:11:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca46aa22-e6b4-464e-9077-7215dc98bc0a Show response
consumer.krxd.net/consent/get/ 239 B
433 B 62ms
26ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/ca46aa22-e6b4-464e-9077-7215dc98bc0a?idt=device&dt=kxcookie&callback=Krux.ns.bellmedia.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0667b75242c6b97f421ac0eaacc8fcd559262a73f421339b4bf01990247ce0ef

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a010-ash-prod.krxd.net, cache-yul12827-YUL
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1638079874.175532,VS0,VE16
content-length: 194
x-cache-hits: 0, 0

GET
H2 200 share.json Show response
webapps.9c9media.com/config/vidi-player/v1/bnn/ 33 KB
9 KB 23ms
23ms XHR
application/json 23.217.28.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://webapps.9c9media.com/config/vidi-player/v1/bnn/share.json
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1637936125
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.28.32 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-28-32.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: 352f366cbf28b891fd004a3aa2fdfbd14986381f49bdc403b1daaab2b367aa64

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 15:52:02 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
content-length: 8517
expires: Sun, 28 Nov 2021 06:21:14 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/5rJjPRoNo_MlaGcpOA6YOlm0Fmw/gpt_and_prebid/ 85 KB
19 KB 45ms
10ms Script
text/javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/5rJjPRoNo_MlaGcpOA6YOlm0Fmw/gpt_and_prebid/config.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0e87b5976ff431e58a44bfdce6d3ecd06be64d7cb988a2659f8f34d469eacbb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:14 GMT
Content-Encoding: gzip
Age: 2064
X-Cache: HIT
Connection: keep-alive
Content-Length: 19242
x-amz-id-2: t0IuuUjEfNujc3NSTODB7WbzC+QnucBLl4CAPnY/+wp2Xzu4TKm02WgBvNpwdXacUezps9UIGl4=
X-Served-By: cache-yul12822-YUL
Last-Modified: Sun, 28 Nov 2021 04:38:44 GMT
Server: AmazonS3
X-Timer: S1638079874.184804,VS0,VE0
ETag: "6a7deb1212e6391373f72d0c109b085c"
x-amz-request-id: 80BJSC0QFN9DKZV2
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 781

GET
H2 200 InSaVlLc.js Show response
cdn.krxd.net/controltag/ Frame 7A63 28 KB
11 KB 11ms
11ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/InSaVlLc.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fb94f25440a627aef0324c8c4c694a78e8427fef4055643657e3f0107b92eb6e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Sun, 28 Nov 2021 06:11:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 689
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 10432
x-served-by: config-service-a002-ash-prod.krxd.net, cache-bwi5153-BWI, cache-yul12828-YUL
x-response-time: 0
x-do-esi: esi
x-timer: S1638079874.156751,VS0,VE0
etag: "631e8323ef2584150acb9866c1f5741df37f762b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 5

GET
H/1.1 200
OK 2331316 Show response
capi.9c9media.com/destinations/bnn_web/platforms/desktop/contents/ 2 KB
1 KB 19ms
19ms XHR
application/json 23.217.28.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.9c9media.com/destinations/bnn_web/platforms/desktop/contents/2331316?%24include=%5BId%2CName%2CDesc%2CShortDesc%2CType%2COwner%2CMedia%2CSeason%2CEpisode%2CGenres%2CImages%2CContentPackages%2CAuthentication%2CPeople%2COmniture%2CrevShare%2Cadtarget%2Cchannelaffiliate%5D&%24lang=en
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1637936125
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.28.32 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-28-32.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.0 /
Resource Hash: eb0c84cbb3d4dfb9025d290b17a422a32a2d8d40f1af786c4fa8f6cf9f8e6750

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Home: 9c9-axis-capi-11
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
Date: Sun, 28 Nov 2021 06:11:14 GMT
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Accept, X-FORWARDED-FOR, Home, authorization
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 1027
Expires: Sun, 28 Nov 2021 06:11:14 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESENvlmIMY-ijyQMV9p4zNxY0&google_cver=1
dpm.demdex.net/ Frame CDCE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjIzNDM5Nzk2MDA4NzM1ODA3OTM3NDcyMzc5Nzc4OTk5MTEwNDA=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjIzNDM5Nzk2MDA4NzM1ODA3OTM3NDcyMzc5Nzc4OTk5MTEwNDA=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENvlmIMY-ijyQMV9p4zNxY0&google_cver=1?gdpr=0&gdpr_consent=

42 B
945 B

107ms
107ms

Image
image/gif

52.37.186.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENvlmIMY-ijyQMV9p4zNxY0&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

HTTP/1.1

Server

52.37.186.57 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-186-57.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://bellmedia.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v017-0c9e01bfa.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: sTK/ji/mRy8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENvlmIMY-ijyQMV9p4zNxY0&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727 Show response
cdn.krxd.net/ctjs/ Frame 7A63 249 KB
80 KB 12ms
11ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/InSaVlLc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
age: 14930394
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 875762
content-length: 81295
x-served-by: cache-yul12828-YUL
last-modified: Wed, 11 Mar 2020 14:15:55 GMT
x-timer: S1638079874.206391,VS0,VE0
etag: "e4cdf7ad64ebac73f207c1ce55cc1727"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sat, 09 Mar 2030 14:15:54 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 166ms
55ms Image
image/gif 2a03:2880:f162:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=260030771280344&ev=PageView&dl=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&rl=&if=false&ts=1638079874208&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638079874207.1991311764&it=1638079873727&coo=false&exp=p0&rqm=GET

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f162:81:face:b00c:0:25de Houston, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sun, 28 Nov 2021 06:11:14 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 166ms
56ms Image
image/gif 2a03:2880:f162:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=417766778714379&ev=PageView&dl=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&rl=&if=false&ts=1638079874211&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638079874207.1991311764&it=1638079873727&coo=false&exp=p0&rqm=GET

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f162:81:face:b00c:0:25de Houston, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sun, 28 Nov 2021 06:11:14 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 174 B
413 B 84ms
26ms XHR
application/json 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=116&profileId=154&cb=9526181894
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS: bidder.va1.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 0672792a557b69f7ff7d4e55c0c3a58093739b00159a968f3ca61c26ee36e327

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bnnbloomberg.ca
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 168

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 100 B
1 KB 239ms
193ms XHR
application/javascript 68.67.160.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=22153502&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=Rou2DZyP&psa=0&promo_sizes=300x600&referrer=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

df668e4c0dd6efd1322abdfa418ce2a99f86aedd2c4cede29d347b9a06af2587

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 28 Nov 2021 06:11:14 GMT
X-Proxy-Origin: 37.120.205.170; 37.120.205.170; 672.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: ff52b0c2-f485-4a30-9580-23f991512ef2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bnnbloomberg.ca
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 100
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 100 B
1 KB 138ms
94ms XHR
application/javascript 68.67.160.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=15841007&size=728x90&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=ANKnw6Il&psa=0&promo_sizes=970x250%2C970x90&referrer=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

775cc1108d0c49508f22e9dce17c319b8c686dc406c70776940c22fb52b65f8b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 28 Nov 2021 06:11:14 GMT
X-Proxy-Origin: 37.120.205.170; 37.120.205.170; 672.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: b38c7d85-ec79-40d8-b777-98344145115f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bnnbloomberg.ca
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 100
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 KB
25 KB 226ms
153ms XHR
text/javascript 23.199.204.79
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=291504&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2253720898%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2210%22%2C%22siteID%22%3A%22494936%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22sid%22%3A%2211%22%2C%22siteID%22%3A%22494937%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%221%22%2C%22siteID%22%3A%22323042%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%222%22%2C%22siteID%22%3A%22323046%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22323050%22%7D%7D%5D%7D%2C%22id%22%3A%222%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d440bdea-0c87-4fb7-a917-41c84fc16384%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-28T06%3A11%3A13%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.199.204.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-204-79.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3a238633a32d437a027bd661e8a71c9891fc94017a7ca20b1bab8293f9126e0c

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:14 GMT
x-ak-initial-geo: CC:[CA], RC:[QC], CN:[NA], CIP:[37.120.205.170], XFF:[]
server: Apache
content-type: text/javascript
access-control-allow-origin: https://www.bnnbloomberg.ca
x-cs-client-geo: 19
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 24926
x-ak-client-geo: 19
expires: Sun, 28 Nov 2021 06:11:14 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
295 B 119ms
26ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9690fd017474dafe8adb6430570013&pos=bnndesktopatf300x600335&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 4071c268806036b0d3a68fa7eb558321f866a415d782a840f159127836cfaa85

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bnnbloomberg.ca
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 122ms
30ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9690fd017474dafe8adb6430570013&pos=bnndesktopatf300x250336&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 59ac89a1bdb929bc68e103dbc47227123f6efc448fb811a749dea6eb136122c4

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bnnbloomberg.ca
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 120ms
28ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9690fd017474dafe8adb6430570013&pos=bnndesktopatf728x90326&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 0328be5fc454c0d2bf6277b38ee005be097cb4bfe2c850d214c0e4636cea68d3

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bnnbloomberg.ca
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 120ms
27ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9690fd017474dafe8adb6430570013&pos=bnndesktopatf970x250327&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: c09b8f03a4e1d4faa97ed93c9b9e3b4141c25829490ff21b4f801e266539a6b9

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bnnbloomberg.ca
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 119ms
27ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9690fd017474dafe8adb6430570013&pos=bnndesktopatf970x90328&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 2498bc9bfe195e73ab40b9c89330ddcf96ff75915483649b7f98638a54f69d85

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bnnbloomberg.ca
access-control-allow-credentials: true
content-length: 62

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 13 KB
7 KB 161ms
161ms XHR
application/json 68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0452f5f4ba2e8c01a20b608b1f8671b6867e6f2a35d6d4cf477a7f97bbabe18d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 Nov 2021 06:11:14 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.120.205.170; 37.120.205.170; 575.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 92689f7b-37d4-41c1-aa1b-cad3db81c5c1
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.bnnbloomberg.ca
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK contentpackages Show response
capi.9c9media.com/destinations/bnn_web/platforms/desktop/contents/2331316/ 97 B
586 B 21ms
21ms XHR
application/json 23.217.28.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.9c9media.com/destinations/bnn_web/platforms/desktop/contents/2331316/contentpackages?$lang=en&$include=[duration]
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1637936125
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.28.32 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-28-32.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.0 /
Resource Hash: 5de9006a42ccf20e8504222cda9473f912cc4234d7c4ff738608c4495205f1a3

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Home: 9c9-axis-capi-vm-6
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
Date: Sun, 28 Nov 2021 06:11:14 GMT
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Accept, X-FORWARDED-FOR, Home, authorization
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 111
Expires: Sun, 28 Nov 2021 06:11:14 GMT

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame D78D
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-vmg_dm_an-db5_dmx
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-vmg_dm_an-db5_dmx&dcc=t

268 B
1 KB

44ms
43ms

Document
text/html

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-vmg_dm_an-db5_dmx&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

61756d7932163a090cd857513451c708d03465b5094bfd02435b53e49f8dff13

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/

Response headers

Server: Server
Date: Sun, 28 Nov 2021 06:11:14 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 268
Connection: keep-alive
x-amz-rid: 2R0GQ40248CHD1CY8V1V
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

Redirect headers

Server: Server
Date: Sun, 28 Nov 2021 06:11:14 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: B9AWGR4W7MEKJPSTH96F
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-vmg_dm_an-db5_dmx&dcc=t
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/ 189 KB
60 KB 10ms
10ms Script
application/javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/5rJjPRoNo_MlaGcpOA6YOlm0Fmw/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c125e6a12e3dd1d1d1aec93292e90fb3c28f36646a954402702b1d9c25175b1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:14 GMT
Content-Encoding: gzip
Age: 809
X-Cache: HIT
Connection: keep-alive
Content-Length: 61293
x-amz-id-2: 85fW0cV/7aHNyuS/vi5X2JBMLDRy0VRuGxEQgu6dgAPX6ZqgyU5PU3Q05d9rSIUduiWVRpSE73Y=
X-Served-By: cache-yul12822-YUL
Last-Modified: Wed, 17 Nov 2021 21:29:49 GMT
Server: AmazonS3
X-Timer: S1638079874.245367,VS0,VE0
ETag: "cb7589d017ac65aecf6dc6f5ec17c4b7"
x-amz-request-id: 3S9JGSJ2W84WPF5C
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 3780

GET
H2 200 ca46aa22-e6b4-464e-9077-7215dc98bc0a Show response
consumer.krxd.net/consent/get/ Frame 7A63 224 B
245 B 32ms
32ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/ca46aa22-e6b4-464e-9077-7215dc98bc0a?idt=device&dt=kxcookie&callback=Krux.ns.bellmedia.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2a4a082120a0ba3432ee302e53e696678fe25d8d04927f671e9a32358e58c3f3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a010-ash-prod.krxd.net, cache-yul12827-YUL
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1638079874.282059,VS0,VE21
content-length: 184
x-cache-hits: 0, 0

GET
H/1.1 200
OK 4693242 Show response
capi.9c9media.com/destinations/bnn_web/platforms/desktop/contents/2331316/contentpackages/ 912 B
950 B 28ms
27ms XHR
application/json 23.217.28.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.9c9media.com/destinations/bnn_web/platforms/desktop/contents/2331316/contentpackages/4693242?%24include=%5BHasClosedCaptions%2Cbreaks%2CStacks.ManifestHost.mpd%5D
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1637936125
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.28.32 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-28-32.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.0 /
Resource Hash: 534788a2c2813f85ae15eb9d11eef53bd969da97fe9ef5a6232ae55d9e1a367b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Home: 9c9-axis-capi-vm-2
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
Date: Sun, 28 Nov 2021 06:11:14 GMT
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Accept, X-FORWARDED-FOR, Home, authorization
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 475
Expires: Sun, 28 Nov 2021 06:11:14 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
192 B 24ms
23ms Ping
text/plain 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS: bidder.va1.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.bnnbloomberg.ca
date: Sun, 28 Nov 2021 06:11:13 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK manifest.mpd Show response
capi.9c9media.com/destinations/bnn_web/platforms/desktop/bond/contents/2331316/contentpackages/4693242/ 4 KB
1 KB 20ms
19ms XHR
application/f4m+xml 23.217.28.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.9c9media.com/destinations/bnn_web/platforms/desktop/bond/contents/2331316/contentpackages/4693242/manifest.mpd
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1637936125
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.28.32 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-28-32.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.0 /
Resource Hash: 119f23088c007494c448d90df4bab4829ffc8d446e371a261b1c4c9d64f3a48f

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Home: 9c9-axis-capi-12
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
Date: Sun, 28 Nov 2021 06:11:14 GMT
Vary: Accept-Encoding
Content-Type: application/f4m+xml; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Accept, X-FORWARDED-FOR, Home, authorization
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 784
Expires: Sun, 28 Nov 2021 06:11:14 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 7A63
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=google
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T2doMGJLYm4
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJR4Ku4-ylpsd1h4qehi1xM&google_cver=1

0
337 B

81ms
22ms

Image
text/plain

34.226.34.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJR4Ku4-ylpsd1h4qehi1xM&google_cver=1
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Server: 34.226.34.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-34-89.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1638079874
x-served-by: beacon-n017-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJR4Ku4-ylpsd1h4qehi1xM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 379708.gif
idsync.rlcdn.com/ Frame 7A63 42 B
447 B 66ms
41ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/379708.gif?partner_uid=Ogh0bKbn
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 06:11:14 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 7A63
Redirect Chain

https://stags.bluekai.com/site/26357?id=Ogh0bKbn&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOgh0bKbn%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
https://beacon.krxd.net/usermatch.gif?_kuid=Ogh0bKbn&partner=bluekai&bk_uuid=$_BK_UUID

0
337 B

33ms
23ms

Image
text/plain

34.226.34.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?_kuid=Ogh0bKbn&partner=bluekai&bk_uuid=$_BK_UUID
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Server: 34.226.34.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-34-89.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1638079874
x-served-by: beacon-n002-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://beacon.krxd.net/usermatch.gif?_kuid=Ogh0bKbn&partner=bluekai&bk_uuid=$_BK_UUID
Date: Sun, 28 Nov 2021 06:11:14 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 204 load
loadm.exelator.com/ Frame 7A63 0
324 B 74ms
24ms Image
text/plain 52.0.156.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load?_kdpid=e4942ff0-4070-4896-a7ef-e6a5a30ce9f9&buid=Ogh0bKbn&p=204&g=270&j=0
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-156-250.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 200 p
sb.scorecardresearch.com/ Frame 7A63 64 B
444 B 26ms
26ms Image
image/gif 13.226.37.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=Ogh0bKbn&rn=1638079874
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-38.ewr53.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
via: 1.1 6377b6d44129cf483b7fc47ee1f9b05d.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: GOxPwgDVqbDu6IzS11XfvB0zwNLdzAoPlGiAb7OaXPrNWYG5JBYEhA==

GET
H2 200 g.js
aa.agkn.com/adscores/ Frame 7A63 43 B
656 B 169ms
99ms Image
image/gif 13.225.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=2111c0af-fc3a-446f-ab07-63aa74fbde8e
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-117.ewr50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:14 GMT
via: 1.1 158c603777b70da7a395beb589ad17db.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: MKjVlMZHgLVMggn2HBVLPrGUVkknjhlXnlx07mI-1cHgma2WvTdCXw==
expires: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 7A63
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YaMdgs9pn4B.hy62MqV8CwAA%26490

0
338 B

85ms
22ms

Image
text/plain

34.226.34.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YaMdgs9pn4B.hy62MqV8CwAA%26490
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Server: 34.226.34.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-34-89.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1638079874
x-served-by: beacon-n005-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Sun, 28 Nov 2021 06:11:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YaMdgs9pn4B.hy62MqV8CwAA%26490
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 283
Expires: Sun, 28 Nov 2021 06:11:14 GMT

GET a.gif
kr.ixiaa.com/C726AB29-0470-440B-B8D2-D552CED3A3DC/ Frame 7A63 0
0

GET collect
dx.bigsea.weborama.com/ Frame 7A63 0
0

GET getdata.xgi
r.nexac.com/e/ Frame 7A63 0
0

GET
H2 200 comscore-js-6.3.1.181004.min.js Show response
webapps.9c9media.com/vidi-player/1.9.24/lib/comscore/ 156 KB
43 KB 22ms
22ms Script
application/javascript 23.217.28.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://webapps.9c9media.com/vidi-player/1.9.24/lib/comscore/comscore-js-6.3.1.181004.min.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1637936125
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.28.32 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-28-32.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: 387168815d8e02c9c12a63d98fdceacaea0993c73d9808dba062f1a3e4de84dc

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 15:06:09 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
content-length: 43444
expires: Sun, 28 Nov 2021 06:21:14 GMT

GET
H2 200 moatplugin.js Show response
z.moatads.com/jwplayerplugin0938452/ 4 KB
2 KB 19ms
19ms Script
application/x-javascript 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/jwplayerplugin0938452/moatplugin.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1637936125
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0d910cc1aa24413aaeef9f2cb52c3ed8bc4a06e823fc1d2d26f75667a0233764

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
last-modified: Tue, 10 Apr 2018 14:31:58 GMT
server: AmazonS3
x-amz-request-id: 3BD0846A35378DAB
etag: "30b375ad7de497af4a70858611be5346"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=17460
accept-ranges: bytes
content-length: 1908
x-amz-id-2: 5pd3JdUcrw6S/mjRD2mdmVFvxu8Ubz5ZTH4oja7tZpc9Z/Fg5y8IDydjDul3ZEkApSfHA4L7+ec=

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ 4 KB
3 KB 87ms
40ms Script
text/javascript 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1637936125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Nov 2021 06:11:14 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 93ms
66ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1637936125

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

sffe /

Resource Hash

b477057fbd9238d77bfae7d31dd008148100c107e675c29f2662ad93a457aec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1057 / 53 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26859
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 28 Nov 2021 06:11:14 GMT

GET
H/1.1 200
OK manifest.mpd Show response
capi.9c9media.com/destinations/bnn_web/platforms/desktop/bond/contents/2331316/contentpackages/4693242/ 4 KB
1 KB 20ms
20ms XHR
application/f4m+xml 23.217.28.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.9c9media.com/destinations/bnn_web/platforms/desktop/bond/contents/2331316/contentpackages/4693242/manifest.mpd
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/js/bellmedia/vendor/jquery/jquery.min.js?v1637936125
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.28.32 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-28-32.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.0 /
Resource Hash: 119f23088c007494c448d90df4bab4829ffc8d446e371a261b1c4c9d64f3a48f

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Home: 9c9-axis-capi-12
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
Date: Sun, 28 Nov 2021 06:11:14 GMT
Vary: Accept-Encoding
Content-Type: application/f4m+xml; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Accept, X-FORWARDED-FOR, Home, authorization
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 784
Expires: Sun, 28 Nov 2021 06:11:14 GMT

GET
H/1.1

200
OK

manifest.vtt Show response
pe-ak-vp07a-9c9media.akamaized.net/origin/ae/2021-11-26/84C821657630E5D5/vtt/00000000/78a8ea51b394996a/
Redirect Chain

https://capi.9c9media.com/destinations/bnn_web/platforms/desktop/bond/contents/2331316/contentpackages/4693242/manifest.vtt
https://pe-ak-vp07a-9c9media.akamaized.net/origin/ae/2021-11-26/84C821657630E5D5/vtt/00000000/78a8ea51b394996a/manifest.vtt

128 KB
14 KB

102ms
28ms

XHR
text/vtt

2600:141b:800::17c5:c1d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pe-ak-vp07a-9c9media.akamaized.net/origin/ae/2021-11-26/84C821657630E5D5/vtt/00000000/78a8ea51b394996a/manifest.vtt
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Server: 2600:141b:800::17c5:c1d3 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 42ea66328975bc5474b573a2c725eaa974c1472e7271c4b5ce0a49a636a99d6c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:14 GMT
Content-Encoding: gzip
Akamai-Mon-Iucid-Del: 578839
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/vtt
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=31420763
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Content-Length: 13461
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del

Redirect headers

Pragma: no-cache
Home: 9c9-axis-capi-vm-3
Server: Microsoft-IIS/8.0
Date: Sun, 28 Nov 2021 06:11:14 GMT
Location: https://pe-ak-vp07a-9c9media.akamaized.net/origin/ae/2021-11-26/84C821657630E5D5/vtt/00000000/78a8ea51b394996a/manifest.vtt
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Accept, X-FORWARDED-FOR, Home, authorization
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Sun, 28 Nov 2021 06:11:14 GMT

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame B695 1 KB
2 KB 30ms
29ms Document
text/html 209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-vmg_dm_an-db5_dmx&fv=1.0&a=cm&cm3ppd=1

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-vmg_dm_an-db5_dmx&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

b00fa09fd09d4cdc8ca5370e7cfb564db3ae7769a8a8309573686fd8c55b9561

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-vmg_dm_an-db5_dmx&dcc=t

Response headers

Server: Server
Date: Sun, 28 Nov 2021 06:11:14 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 1457
Connection: keep-alive
x-amz-rid: E6XM0QJ9TGFN1PFRSJBG
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

GET
H3 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ 36 KB
12 KB 90ms
62ms Script
text/javascript 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12390
x-xss-protection: 0
last-modified: Mon, 06 Jul 2020 23:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="chrome-dongle"
expires: Sun, 28 Nov 2021 06:11:14 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/96/ 52 KB
15 KB 48ms
21ms Script
text/javascript 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/96/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 22:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15236
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 15:10:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Sun, 28 Nov 2021 22:08:29 GMT

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 92ms
33ms Script
application/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.bnnbloomberg.ca

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 93ms
36ms Script
application/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bnnbloomberg.ca

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 106 KB
23 KB 122ms
122ms XHR
text/plain 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3625716922125277&correlator=4265741732756619&output=ldjh&impl=fifs&eid=31063378&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211128&iu_parts=5479%2Cctv.bnn%2CTechnology%2CArticle&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C970x250%2C320x50%7C300x250%7C300x600%2C1x1%2C30x1&fluid=0%2Cheight%2C0%2C0&ists=2&prev_scp=amznbid%3D2%26amznp%3D2%26IOM%3D728x90_0%2C970x250_130%26ix_id%3D_Dvh8xp9U%2C_Dvh8xp9U%7Camznbid%3D2%26amznp%3D2%26IOM%3D300x250_115%26ix_id%3D_D2oOzybH%26ix_apnx_om%3D300x250_0%26ix_apnx_id%3D_W2Sn96E7%7C%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3D20074%252C31279%252C32255%252C32335%252C61380%252Crts%26ksgmnt%3D%26u%3D%26m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DnoHistData%26m_gv%3DnoHistData&cookie_enabled=1&bc=31&abxe=1&lmt=1638079874&dt=1638079874485&dlt=1638079872743&idt=1322&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C970%2C970%2C970&adys=197%2C318%2C1101%2C1101&adks=1403910068%2C1960385940%2C1882654456%2C2645742303&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C300x0%7C300x802%7C300x802&msz=728x20%7C300x0%7C0x0%7C0x0&ga_vid=1887333569.1638079874&ga_sid=1638079874&ga_hid=655402997&ga_fc=true&fws=128%2C132%2C132%2C132&ohw=0%2C980%2C980%2C980&btvi=0%7C0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

dcbbacddddf110cd0b3099a9338995bba0cad05dbb55d275fc72b8e1cfe48af8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23889
x-xss-protection: 0
google-lineitem-id: 5825375997,5817447030,-2,4436813264
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373128006,138369465331,-2,138360304040
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7830 6 KB
4 KB 101ms
36ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 28 Nov 2021 06:11:14 GMT
expires: Mon, 28 Nov 2022 06:11:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
434 B 71ms
26ms XHR
text/plain 23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=291504&u=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183816-157675210059039.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 28 Nov 2021 06:11:14 GMT
X-AK-INITIAL-GEO: CC:[CA], RC:[QC], CN:[NA], CIP:[37.120.205.170], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.bnnbloomberg.ca
X-CS-CLIENT-GEO: 19
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 19
Expires: Sun, 28 Nov 2021 06:11:14 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame B695 0
239 B 64ms
20ms Image
text/plain 2600:9000:21ea:8400:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-vmg_dm_an-db5_dmx&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:8400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
via: 1.1 16d05722e4fd66d659ec48b5bb6f2d19.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: EWR50-C1
x-amz-cf-id: ap-TXz8ol3bP542cH3dGMBGF3luu7fO08lpmPdDgI65SIPv_LfoAQA==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 00AA 2 KB
3 KB 30ms
30ms Document
text/html 23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-vmg_dm_an-db5_dmx&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 201b183187d01c772206f76a585e3ec2ed3fb8cf79e003754b2f19aca17a5e14

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|39|230|241|206|40|190|5
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1640
Expires: Sun, 28 Nov 2021 06:11:14 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 28 Nov 2021 06:11:14 GMT
Connection: keep-alive

GET
H2 200 / Show response
match.sharethrough.com/jwumXNuB/v1/ Frame B0F9 427 B
613 B 90ms
23ms Document
text/html 54.173.172.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-vmg_dm_an-db5_dmx&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.172.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-172-38.compute-1.amazonaws.com
Software: /
Resource Hash: 5f46a3316f76ce99842f91c73a86bf22d6be768490cf4aac399221d07d08b304

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-length: 427

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame D23A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1BTXVHOTNaRTJ1SVNUcW56OTd5NExsOXFpX2tQOUs5bn5B

43 B
556 B

31ms
31ms

Document
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1BTXVHOTNaRTJ1SVNUcW56OTd5NExsOXFpX2tQOUs5bn5B

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-vmg_dm_an-db5_dmx&fv=1.0&a=cm&cm3ppd=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

Server: Server
Date: Sun, 28 Nov 2021 06:11:14 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: 9DH02NH1M9PQ4YZA7C4P
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

Redirect headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1BTXVHOTNaRTJ1SVNUcW56OTd5NExsOXFpX2tQOUs5bn5B
age: 0
server: ATS/9.1.0.33

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame BDB1
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm
https://s.amazon-adsystem.com/ecm3?id=8634506771707896453&ex=districtm

43 B
556 B

30ms
30ms

Document
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?id=8634506771707896453&ex=districtm

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-vmg_dm_an-db5_dmx&fv=1.0&a=cm&cm3ppd=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

Server: Server
Date: Sun, 28 Nov 2021 06:11:14 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: 4SK53KG732MJ3ZZK3EXB
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

Redirect headers

Server: nginx/1.17.9
Date: Sun, 28 Nov 2021 06:11:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=8634506771707896453&ex=districtm
AN-X-Request-Uuid: 6dbc798a-05ee-4447-aa06-e93710f2c016
X-Proxy-Origin: 37.120.205.170; 37.120.205.170; 575.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 7CAF
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=8634506771707896453&ex=appnexus.com

43 B
556 B

41ms
30ms

Document
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?id=8634506771707896453&ex=appnexus.com

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-vmg_dm_an-db5_dmx&fv=1.0&a=cm&cm3ppd=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

Server: Server
Date: Sun, 28 Nov 2021 06:11:14 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: Z5XCFF3DJHFY1YVJQJQC
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

Redirect headers

Server: nginx/1.17.9
Date: Sun, 28 Nov 2021 06:11:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=8634506771707896453&ex=appnexus.com
AN-X-Request-Uuid: c01a3508-2f3e-4825-abdf-59154ca90b2a
X-Proxy-Origin: 37.120.205.170; 37.120.205.170; 575.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com

GET
H2

200

index.html Show response
cdn.districtm.io/ids/ Frame FA90
Redirect Chain

https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D

116 B
342 B

32ms
31ms

Document
text/html

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-vmg_dm_an-db5_dmx&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-type: text/html
cf-ray: 6b5170104f4f714b-YUL
age: 85174
last-modified: Thu, 20 May 2021 02:18:27 GMT
via: 1.1 b2cb5873eebaf86981435722128eab73.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id: 3N364DmWd7oGH7KYK3XhvQj631kgHvYIMa1KMhjQDfeLU5tL6oMsFg==
x-amz-cf-pop: EWR52-C4
x-cache: Hit from cloudfront
vary: Accept-Encoding
server: cloudflare
content-encoding: br

Redirect headers

date: Sun, 28 Nov 2021 06:11:14 GMT
location: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
cf-ray: 6b5170101f30714b-YUL
cache-control: max-age=3600
expires: Sun, 28 Nov 2021 07:11:14 GMT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare

GET
H2 200 googima.js Show response
ssl.p.jwpcdn.com/player/plugins/googima/v/8.8.15/ 72 KB
21 KB 49ms
11ms Script
text/plain 2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/plugins/googima/v/8.8.15/googima.js
Requested by: Host: webapps.9c9media.com
URL: https://webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/jwplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91d6b3fb51f70a571839685d7c4334d0c6672f98b86799199f8e964f3b7fb755

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
age: 14812098
x-cache: HIT
content-length: 21596
via: 1.1 varnish
x-served-by: cache-yul12826-YUL
last-modified: Tue, 08 Jun 2021 20:34:37 GMT
server: AmazonS3
x-timer: S1638079875.600808,VS0,VE0
etag: "fedf7e9b02ef166852d1d023cc30b1cc"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 159295

GET
H2 200 jwpsrv.js Show response
ssl.p.jwpcdn.com/player/v/8.20.11/ 57 KB
17 KB 58ms
20ms Script
application/javascript 2a04:4e42::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.20.11/jwpsrv.js
Requested by: Host: webapps.9c9media.com
URL: https://webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/jwplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59582c75d6c2b9e2b4bbf226db778d7211d60de3343c83c809ad5a59a322fc15

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
age: 335
x-cache: HIT
content-length: 17364
via: 1.1 varnish
x-served-by: cache-yul12826-YUL
last-modified: Thu, 17 Jun 2021 20:16:14 GMT
server: AmazonS3
x-timer: S1638079875.600882,VS0,VE0
etag: "2d642e2770c705fe7a30a5a3a28396ea"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, immutable
accept-ranges: bytes
x-cache-hits: 109

GET
H2 200 jwplayer.core.controls.js Show response
webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/ 302 KB
77 KB 22ms
22ms Script
application/javascript 23.217.28.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/jwplayer.core.controls.js
Requested by: Host: webapps.9c9media.com
URL: https://webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/jwplayer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.28.32 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-28-32.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: 4654afad83c7f43ed95618aba12e8673454294ece712b17f934dd029c1142481

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 15:06:12 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
content-length: 78745
expires: Sun, 28 Nov 2021 06:21:14 GMT

GET
H2 200 provider.shaka.js Show response
webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/ 371 KB
116 KB 29ms
29ms Script
application/javascript 23.217.28.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/provider.shaka.js
Requested by: Host: webapps.9c9media.com
URL: https://webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/jwplayer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.28.32 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-28-32.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: 3d8e2c41a3720058e903295d2d6d22e8252411aeb4371c41b5627e2426e552a6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 15:06:19 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
content-length: 118207
expires: Sun, 28 Nov 2021 06:21:14 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 00AA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YaMdgs9pn4B.hy62MqV8CwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENMTdsM0Duu9scYK5QEWGI0&google_cver=1&google_hm=2

43 B
1017 B

31ms
31ms

Image
image/gif

23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENMTdsM0Duu9scYK5QEWGI0&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol: HTTP/1.1
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Nov 2021 06:11:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 28 Nov 2021 06:11:14 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENMTdsM0Duu9scYK5QEWGI0&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 00AA
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d440bdea-0c87-4fb7-a917-41c84fc16384&expiration=1640671874&gdpr=0&gdpr_consent=

43 B
1007 B

64ms
27ms

Image
image/gif

23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d440bdea-0c87-4fb7-a917-41c84fc16384&expiration=1640671874&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol: HTTP/1.1
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Nov 2021 06:11:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 28 Nov 2021 06:11:14 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:14 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d440bdea-0c87-4fb7-a917-41c84fc16384&expiration=1640671874&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 00AA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YaMdgs9pn4B-hy62MqV8CwAAAeoAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOTRJ4UFFxE0PgTXuBwm8DA&google_cver=1

43 B
315 B

29ms
29ms

Image
image/gif

23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOTRJ4UFFxE0PgTXuBwm8DA&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol: HTTP/1.1
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Nov 2021 06:11:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sun, 28 Nov 2021 06:11:14 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOTRJ4UFFxE0PgTXuBwm8DA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 00AA 43 B
932 B 79ms
31ms Image
image/gif 209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YaMdgs9pn4B-hy62MqV8CwAAAeoAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Nov 2021 06:11:14 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: DQREGMC5EEE870BZGTA8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

YaMdgs9pn4B-hy62MqV8CwAAAeoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 00AA
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YaMdgs9pn4B-hy62MqV8CwAAAeoAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YaMdgs9pn4B-hy62MqV8CwAAAeoAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true
https://pr-bh.ybp.yahoo.com/sync/casale/YaMdgs9pn4B-hy62MqV8CwAAAeoAAAIB

43 B
871 B

91ms
28ms

Image
image/gif

2600:1f18:4e9:5a01:d442:ba08:69c2:12fc
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YaMdgs9pn4B-hy62MqV8CwAAAeoAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID

Protocol

Server

2600:1f18:4e9:5a01:d442:ba08:69c2:12fc Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/YaMdgs9pn4B-hy62MqV8CwAAAeoAAAIB
date: Sun, 28 Nov 2021 06:11:14 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

crum
dsum.casalemedia.com/ Frame 00AA
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8634506771707896453

43 B
990 B

93ms
28ms

Image
image/gif

23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8634506771707896453
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol: HTTP/1.1
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Nov 2021 06:11:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 28 Nov 2021 06:11:14 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 28 Nov 2021 06:11:14 GMT
X-Proxy-Origin: 37.120.205.170; 37.120.205.170; 575.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 5c839e6c-226d-425e-ba83-6ce4ae5374dc
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8634506771707896453
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 00AA 0
0 61ms
18ms Image
text/html 2606:4700:3039::6815:c09d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 00AA 43 B
556 B 79ms
31ms Image
image/gif 209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YaMdgs9pn4B-hy62MqV8CwAAAeoAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Nov 2021 06:11:14 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XRS3PHWZ1VC4A1DSKGSY
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame 4FAA
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

24ms
23ms

Document
text/html

18.213.10.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.10.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-10-151.compute-1.amazonaws.com
Software: /
Resource Hash: 68f8ee32d438711a6048ca00f24f375aa31774c606b72d7a5ab34147e244542d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Sun, 28 Nov 2021 06:11:14 GMT
pragma: no-cache

Redirect headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1

GET
H2

200

5-financing-challenges-keeping-business-owners-up-at-night-1.1686731 Show response
www.bnnbloomberg.ca/ Frame DED9
Redirect Chain

https://ad.doubleclick.net/ddm/trackclk/N1615345.3460408BBNBLOOMBERG/B26685634.321766175;dc_trk_aid=514055105;dc_trk_cid=162272851;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
https://www.bnnbloomberg.ca/5-financing-challenges-keeping-business-owners-up-at-night-1.1686731?utm_source=bnn&utm_medium=banner+728x90&utm_campaign=cart20+221009&utm_content=cons+cobrand

234 KB
36 KB

26ms
25ms

Fetch
text/html

23.217.175.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bnnbloomberg.ca/5-financing-challenges-keeping-business-owners-up-at-night-1.1686731?utm_source=bnn&utm_medium=banner+728x90&utm_campaign=cart20+221009&utm_content=cons+cobrand
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Server: 23.217.175.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-175-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 11fdf941bbf8423aea172efab92d3ff6d3724a655402cc6318dda992e6eafdb8

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
x-vcache: MISS
vary: Accept-Encoding
content-type: text/html;charset=utf-8
cache-control: public, max-age=216, s-maxage=300
accept-ranges: bytes
content-length: 37101
expires: Sun, 28 Nov 2021 06:14:50 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://www.bnnbloomberg.ca/5-financing-challenges-keeping-business-owners-up-at-night-1.1686731?utm_source=bnn&utm_medium=banner+728x90&utm_campaign=cart20+221009&utm_content=cons+cobrand
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DED9 0
0 35ms
35ms Fetch
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGgBiF9-xMcEPCgq3STrmfj8sDdJgTh7OLfa5-v75T19acHYrZK7iOnqiJGjU3YRMscZGaPbGzOd4aLYtoNwy3RusCu3xSqIye6YyX7KfejMZpYML5KsU9YXzuiIBgb-Cm1larzirYt-_VZ-rn_ap9tVV6T-HPddcAdxUS1X123mMsR34RUPaUGYD_y0rYIS01wjl2byTwGqKsobNYzUKnD6NVd3ph_QruHpvlytjRZKFefVuNVj6uiEPwR7eNSgJrR6EbpQfyStyv_yFKR-UoauzkE3XW685keNmXmrOvYI6QM6X5bisvLgQfXLIaSZwC2zeh6cILO_2Ao_05t9N-7YBivQA&sig=Cg0ArKJSzPqdeByX__ZDEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 06:11:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame DED9 2 KB
2 KB 30ms
20ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:03:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Dec 2021 06:03:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DED9 119 KB
36 KB 122ms
96ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Nov 2021 06:11:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DED9 0
0 85ms
36ms Image
text/html 2607:f8b0:4006:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR59Nkq9ZORVHO7SkuEoFEY5DezExnilaV2Qu1mgU3BhEoZNHk5S2gGkB1MGuSrBOiyUKk_FzIYG0N6D2QMUHyhFZIEeg
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 13086777635869113496
tpc.googlesyndication.com/simgad/ Frame DED9 19 KB
19 KB 30ms
21ms Image
image/png 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13086777635869113496

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

807159ad847198da8db20c59ab0486a180f7e2a9e167660cf6325063bd63edec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:52:09 GMT
x-content-type-options: nosniff
age: 116345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19435
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 21:35:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 21:52:09 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/bellmediadfp605600943044/ Frame DED9 12 KB
5 KB 20ms
19ms Script
application/x-javascript 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/bellmediadfp605600943044/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 872beb1fa54c9955ef4708b33b362adf14124e6e9a7cd18031c94f2ced0cd555

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
last-modified: Thu, 04 Nov 2021 17:56:44 GMT
server: AmazonS3
x-amz-request-id: FFQQGVP2ZZX5R8PJ
etag: "0a63022ffea5e9257ea380668ecffdab"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=19620
accept-ranges: bytes
content-length: 4443
x-amz-id-2: Ck30t+4jzPeSGTF7VAJ0BltHKZB3NZbtD8FCFTBzKvPDiVbfrN0kmuYu076Cn52sRsPQ2h7YxBk=

GET
H3 200 container.html Show response
21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B712 6 KB
3 KB 47ms
19ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 28 Nov 2021 06:11:14 GMT
expires: Mon, 28 Nov 2022 06:11:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6AC1 0
0 35ms
35ms Fetch
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnAfOXuNK88Yrj6w06QcHk8UDvRbDOlWn-z9DPdfZ0nh2ICsRs1LJ3LBzE0936_S7Vp96LYrhbmYIUm1XJ_ToktnyOicZzU7jRYcZ-kaGtJ-qzn5yxchEawSHO19PF0ogE98CQ9rg5lEWZw4JVJiFEZQycjN_fRaXKzFyTSsMSn8jAZHf-0VqqhN_TdUfoZjNwdry4F7Qf9B_TdBfOXfAuR81I4mncAG_aspQrc2PHYISrzEEodXddPFssShguLQ8_3oCT8ftM3uY5MmrwM2YhQgvcTqMmuIPTdxvb9Joza7iTKQN0Zr3rDBXgtCpqi7_Cjnmd&sig=Cg0ArKJSzJlPehty5xuEEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 06:11:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK freeskreen.min.js Show response
static.freeskreen.com/ba/83/ Frame 6AC1 25 KB
10 KB 79ms
22ms Script
text/javascript 13.226.37.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.freeskreen.com/ba/83/freeskreen.min.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-82.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 049f1305bcd4218588ef8407dae8fc656833a70748a8ebdce3b0fd3bb00ff0db

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: qUIVSnKi9GLkhVOOAOgjKF5chNGQt2px
Content-Encoding: gzip
Last-Modified: Wed, 30 Jun 2021 13:21:20 GMT
Server: AmazonS3
Age: 75637
ETag: "9d1f50a841dc57d41d2bddf48ac5a0a1"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 a0b94a243c49df97658a8a3ea0fe2d20.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Sat, 27 Nov 2021 09:10:38 GMT
X-Amz-Cf-Pop: EWR53-C2
Accept-Ranges: bytes
Content-Length: 9275
X-Amz-Cf-Id: rHBsKiJs9oNKtVTeDAxrpNiHI9bY5hT5YEv1M3AcRSLaGi7vL-8TaA==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6AC1 119 KB
36 KB 62ms
62ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Nov 2021 06:11:14 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/bellmediadfp605600943044/ Frame 6AC1 12 KB
5 KB 20ms
20ms Script
application/x-javascript 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/bellmediadfp605600943044/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 872beb1fa54c9955ef4708b33b362adf14124e6e9a7cd18031c94f2ced0cd555

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
last-modified: Thu, 04 Nov 2021 17:56:44 GMT
server: AmazonS3
x-amz-request-id: FFQQGVP2ZZX5R8PJ
etag: "0a63022ffea5e9257ea380668ecffdab"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=19620
accept-ranges: bytes
content-length: 4443
x-amz-id-2: Ck30t+4jzPeSGTF7VAJ0BltHKZB3NZbtD8FCFTBzKvPDiVbfrN0kmuYu076Cn52sRsPQ2h7YxBk=

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 30ms
19ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=BELLMEDIA_PREBID_HEADER1&hp=1&zMoatAdUnit1=ctv.bnn&zMoatAdUnit2=Technology&zMoatAdUnit3=Article&wf=1&ra=4&pxm=2&sgs=3&vb=4&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1638079873582&de=820719166330&rx=529378786612&m=0&ar=7e5b6a28623-clean&iw=ed14c44&q=2&cb=0&cu=1638079873582&ll=2&lm=0&ln=0&em=0&en=0&d=5083046367%3A2926482945%3A5817447030%3A138369465331&cm=1&zGSRC=1&gu=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&id=1&ii=4&bo=ctv.bnn&bd=Article&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=bellmediaprebidheader755367530455&fd=1&ac=1&it=500&pe=1%3A544%3A544%3A0%3A865&fs=195763&na=1383773039&cs=0
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 28 Nov 2021 06:11:14 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 116ms
57ms Image
image/gif 2a03:2880:f162:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=260030771280344&ev=Microdata&dl=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&rl=&if=false&ts=1638079874787&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22When%20a%20Hacker%20Calls%3A%20How%20Robinhood%20Fell%20Victim%20to%20a%20Vishing%20Raid%20-%20%20BNN%20Bloomberg%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%22%2C%22og%3Asite_name%22%3A%22BNN%22%2C%22og%3Atitle%22%3A%22When%20a%20Hacker%20Calls%3A%20How%20Robinhood%20Fell%20Victim%20to%20a%20Vishing%20Raid%20-%20%20BNN%20Bloomberg%22%2C%22og%3Adescription%22%3A%22The%20call%20was%20coming%20from%20inside%20the%20company.%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fwww.bnnbloomberg.ca%2Fpolopoly_fs%2F1.1687753!%2Ffileimage%2FhttpImage%2Fimage.jpg_gen%2Fderivatives%2Flandscape_620%2Fthe-robinhood-application-on-a-smartphone-arranged-in-hastings-on-hudson-new-york-u-s-on-friday-jan-29-2021-gamestop-corp-advanced-on-friday-and-was-on-track-to-recoup-much-of-thursday-s-11-billion-blow-after-robinhood-markets-inc-and-other-brokerages-eased-trading-restrictions-on-the-video-game-retailer-photographer-tiffany-hagler-geard-bloomberg.jpg%22%2C%22og%3Atype%22%3A%22article%22%2C%22article%3Apublished_time%22%3A%222021-11-27T11%3A30%3A49-05%3A00%22%2C%22article%3Aauthor%22%3A%22Bloomberg%20News%22%2C%22article%3Asection%22%3A%22Technology%22%2C%22article%3Atag%22%3A%22Company%20News%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638079874207.1991311764&it=1638079873727&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f162:81:face:b00c:0:25de Houston, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Sun, 28 Nov 2021 06:11:14 GMT

GET
H2 200 BJzcOF25EeaRpQpVuA4vVw.json Show response
entitlements.jwplayer.com/ 70 B
244 B 161ms
38ms XHR
application/json 152.199.5.228
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://entitlements.jwplayer.com/BJzcOF25EeaRpQpVuA4vVw.json
Requested by: Host: webapps.9c9media.com
URL: https://webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/jwplayer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.5.228 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (cha/817E) /
Resource Hash: 58a14ba2e3e773324e8b8aeadcd988bdd177f68e6bf65c5fcdd339032e536e61

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
last-modified: Sun, 28 Nov 2021 03:44:32 GMT
server: ECAcc (cha/817E)
age: 8802
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800, s-maxage=16500
accept-ranges: bytes
content-length: 75

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 368 KB
123 KB 96ms
41ms Script
text/javascript 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: webapps.9c9media.com
URL: https://webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/jwplayer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ccb64cb52eff9e8c10713a938a73ec2461b8b1e71acef86c52cd7242c3b0090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125138
x-xss-protection: 0
expires: Sun, 28 Nov 2021 06:11:14 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame B0F9 43 B
556 B 32ms
30ms Image
image/gif 209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=efa820e2-2889-4174-ad5b-7a03dd0985b1

Requested by

Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Nov 2021 06:11:14 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: H38GK0E9CR6Q96PXC0HR
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame B0F9
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=7a397fd7-a4f7-4eb0-a12e-51af1f3f90a5

68 B
262 B

25ms
24ms

Image
image/png

54.173.172.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=7a397fd7-a4f7-4eb0-a12e-51af1f3f90a5
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 54.173.172.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-172-38.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:15 GMT
content-length: 68
content-type: image/png

Redirect headers

X-ServerName: Track004-dc3
Pragma: no-cache
Date: Sun, 28 Nov 2021 06:11:10 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location: https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=7a397fd7-a4f7-4eb0-a12e-51af1f3f90a5
Cache-Control: private,no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 246
Expires: -1

GET
H2

200

v1
match.sharethrough.com/sync/ Frame B0F9
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YaMdgs9pn4B.hy62MqV8CwAA%26490

68 B
262 B

24ms
24ms

Image
image/png

54.173.172.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YaMdgs9pn4B.hy62MqV8CwAA%26490
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 54.173.172.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-172-38.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:15 GMT
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
Date: Sun, 28 Nov 2021 06:11:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YaMdgs9pn4B.hy62MqV8CwAA%26490
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 307
Expires: Sun, 28 Nov 2021 06:11:15 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame B0F9
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YaMdgs9pn4B.hy62MqV8CwAA%26490

68 B
262 B

24ms
23ms

Image
image/png

54.173.172.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YaMdgs9pn4B.hy62MqV8CwAA%26490
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 54.173.172.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-172-38.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:15 GMT
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
Date: Sun, 28 Nov 2021 06:11:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YaMdgs9pn4B.hy62MqV8CwAA%26490
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 307
Expires: Sun, 28 Nov 2021 06:11:15 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame B0F9
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d440bdea-0c87-4fb7-a917-41c84fc16384&gdpr=0&gdpr_consent=

68 B
262 B

29ms
23ms

Image
image/png

54.173.172.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d440bdea-0c87-4fb7-a917-41c84fc16384&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 54.173.172.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-172-38.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:15 GMT
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:15 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d440bdea-0c87-4fb7-a917-41c84fc16384&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H/1.1

200
OK

manifest.vtt Show response
pe-ak-vp07a-9c9media.akamaized.net/origin/ae/2021-11-26/84C821657630E5D5/vtt/00000000/78a8ea51b394996a/
Redirect Chain

https://capi.9c9media.com/destinations/bnn_web/platforms/desktop/bond/contents/2331316/contentpackages/4693242/manifest.vtt
https://pe-ak-vp07a-9c9media.akamaized.net/origin/ae/2021-11-26/84C821657630E5D5/vtt/00000000/78a8ea51b394996a/manifest.vtt

128 KB
14 KB

29ms
28ms

XHR
text/vtt

2600:141b:800::17c5:c1d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pe-ak-vp07a-9c9media.akamaized.net/origin/ae/2021-11-26/84C821657630E5D5/vtt/00000000/78a8ea51b394996a/manifest.vtt
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Server: 2600:141b:800::17c5:c1d3 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 42ea66328975bc5474b573a2c725eaa974c1472e7271c4b5ce0a49a636a99d6c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:15 GMT
Content-Encoding: gzip
Akamai-Mon-Iucid-Del: 578839
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/vtt
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=31420762
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Content-Length: 13461
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del

Redirect headers

Pragma: no-cache
Home: 9c9-axis-capi-vm-3
Server: Microsoft-IIS/8.0
Date: Sun, 28 Nov 2021 06:11:14 GMT
Location: https://pe-ak-vp07a-9c9media.akamaized.net/origin/ae/2021-11-26/84C821657630E5D5/vtt/00000000/78a8ea51b394996a/manifest.vtt
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Accept, X-FORWARDED-FOR, Home, authorization
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Sun, 28 Nov 2021 06:11:14 GMT

GET
H2 200 polyfills.webvtt.js Show response
webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/ 10 KB
5 KB 21ms
21ms Script
application/javascript 23.217.28.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/polyfills.webvtt.js
Requested by: Host: webapps.9c9media.com
URL: https://webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/jwplayer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.28.32 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-28-32.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: 21939df91566cf06472adf6452c0e591e6c3aa0f5d6c1352a540ba149f9cab3e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 15:06:15 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
content-length: 4397
expires: Sun, 28 Nov 2021 06:21:14 GMT

GET
H/1.1 200
OK 2021_11_26_ef812d0b-21d8-4428-a3ee-0fc42d49bb5d_png_680x377.jpg
images2.9c9media.com/image_asset/ 29 KB
30 KB 32ms
31ms Image
image/jpeg 23.204.138.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.9c9media.com/image_asset/2021_11_26_ef812d0b-21d8-4428-a3ee-0fc42d49bb5d_png_680x377.jpg?width=640&maintain_aspect=1
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.138.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-138-74.deploy.static.akamaitechnologies.com
Software: / ASP.NET
Resource Hash: 366b63488c133deed3d2fe1d5452002379fd437eae1740aa84b7c6b167212421

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:14 GMT
Last-Modified: Fri, 26 Nov 2021 05:00:00 GMT
X-Powered-By: ASP.NET
ETag: "0o/hv6y5Krq7U2WY/xfBiw=="
X-Varnish: 57418495 57619975
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2476803
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 30065
Expires: Sun, 26 Dec 2021 22:11:17 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 58ms
57ms Image
image/gif 2a03:2880:f162:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=417766778714379&ev=Microdata&dl=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&rl=&if=false&ts=1638079874917&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22When%20a%20Hacker%20Calls%3A%20How%20Robinhood%20Fell%20Victim%20to%20a%20Vishing%20Raid%20-%20%20BNN%20Bloomberg%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%22%2C%22og%3Asite_name%22%3A%22BNN%22%2C%22og%3Atitle%22%3A%22When%20a%20Hacker%20Calls%3A%20How%20Robinhood%20Fell%20Victim%20to%20a%20Vishing%20Raid%20-%20%20BNN%20Bloomberg%22%2C%22og%3Adescription%22%3A%22The%20call%20was%20coming%20from%20inside%20the%20company.%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fwww.bnnbloomberg.ca%2Fpolopoly_fs%2F1.1687753!%2Ffileimage%2FhttpImage%2Fimage.jpg_gen%2Fderivatives%2Flandscape_620%2Fthe-robinhood-application-on-a-smartphone-arranged-in-hastings-on-hudson-new-york-u-s-on-friday-jan-29-2021-gamestop-corp-advanced-on-friday-and-was-on-track-to-recoup-much-of-thursday-s-11-billion-blow-after-robinhood-markets-inc-and-other-brokerages-eased-trading-restrictions-on-the-video-game-retailer-photographer-tiffany-hagler-geard-bloomberg.jpg%22%2C%22og%3Atype%22%3A%22article%22%2C%22article%3Apublished_time%22%3A%222021-11-27T11%3A30%3A49-05%3A00%22%2C%22article%3Aauthor%22%3A%22Bloomberg%20News%22%2C%22article%3Asection%22%3A%22Technology%22%2C%22article%3Atag%22%3A%22Company%20News%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638079874207.1991311764&it=1638079873727&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f162:81:face:b00c:0:25de Houston, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Sun, 28 Nov 2021 06:11:14 GMT

POST
H2 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
185 B 101ms
101ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=b1a4360a-3db9-4b39-b09d-c3e14666840a
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 5eba39cd4e47377b456432f925677540d7be6ac045f2498a72cbc0d46a649f83

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.bnnbloomberg.ca
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 111
via: 1.1 google

GET
H2 200 idsync.d5cb6b96.js Show response
cdn.districtm.io/ids/ Frame FA90 3 KB
2 KB 22ms
22ms Script
application/javascript 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by: Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:14 GMT
via: 1.1 fba70d1e4c74a3621a7d03b3d021b4dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 11990
cf-polished: origSize=3302
x-cache: Miss from cloudfront
cf-bgj: minify
content-encoding: br
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: cloudflare
etag: W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=172800
x-amz-cf-pop: EWR52-C4
cf-ray: 6b5170125940714b-YUL
x-amz-cf-id: grPGiWniH68bfTtn_MAV7TZgFVtqyKFXbidN-Zh6RPPqvpzkLyNSHw==
expires: Tue, 30 Nov 2021 06:11:14 GMT

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame 4FAA 43 B
1 KB 30ms
30ms Image
image/gif 23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=beff4752-f62b-4ac9-b220-275066eabc77&expiration=1646028674
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Nov 2021 06:11:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 28 Nov 2021 06:11:15 GMT

GET
H2 200 script.js Show response
sb.freeskreen.com/publisher/ 81 KB
22 KB 474ms
396ms Script
text/html 3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.freeskreen.com/publisher/script.js?bai=83&ut=&uts=&p_cust_params=amznbid%253D2%2526amznp%253D2%2526m_categories%253Dgv_crime%252Cmoat_unsafe%2526m_data%253D1%2526m_gv%253DnoHistData%2526m_mv%253DnoHistData%2526m_safety%253Dunsafe%2526permutive%253D20074%252C31279%252C32255%252C32335%252C61380%252Crts&flc=&slc=&windowlocation=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&usp=&gdpr=-1&cs=-1
Requested by: Host: static.freeskreen.com
URL: https://static.freeskreen.com/ba/83/freeskreen.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 921517e8366789a69c9ac44e3b0e5411c203374f31868a05ea3fd9b3f47b726c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:15 GMT
content-encoding: gzip
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
content-type: text/html;charset=UTF-8
content-length: 22233
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DED9 0
0 71ms
35ms Fetch
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtFRQiD670Kclsmuv2eV18EY_ET8G7WLH_pNqooUVuGRwcNgBk6vyAIQMG2vY-QAytMfKQZWvIsIf27pSXAGlf3AmBqeqrbZLRY5OwugtnmyGKHa95-TE4DRxJRD0Jj8iYuC39Tk6aP-to2qyne9fV-c0kIKmx6p26v9MTThltqWFmvCg-WhpF4D2cFUNxL74p8G4hLrPF_dzdXAj41SCbY7fIwEPlavkojf61y5DFe84gt_CtFSrA3BGi0sytnzelB2PfNjZBlpMl3TZw_N-vRJ8Es8aIMj2Lmf8LyKoy5YorezVIwDWPMg3oWUcOAe1G56HLUdG4fC0&sig=Cg0ArKJSzIuJrg_-Q61GEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 06:11:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 28 Nov 2021 06:11:15 GMT

GET
DATA 200
OK truncated
/ Frame DED9 205 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1dd93f68bd51d71028253b2054f5b79afbdc5d045bfea4005559e1883ccb977d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ Frame DED9 43 B
260 B 20ms
19ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&d=BELLMEDIA1%3A56418679%3A92336599%3A-&de=369151441473&t=1638079875034&i=MOAT_FEATHER_DEBUG1&gw=bellmediadfp605600943044&cm=1&ac=1&f=0&bq=0&ar=b4494b788bb-clean&iw=b175e8b&dMoatOQs=moatClientLevel1%3D15536239%26moatClientLevel2%3D2931143273%26moatClientLevel3%3D5825375997%26moatClientLevel4%3D138373128006%26moatClientSlicer1%3D56418679%26moatClientSlicer2%3D92336599%26zMoatMSafety%3Dunsafe%26zMoatIPM%3D%26zMoatWD%3D728%26zMoatHT%3D90%26zMoatAdUnitPath%3D%2F5479%2Fctv.bnn%2FTechnology%2FArticle%26refresh%3D1%26zMoatIPMID%3D%26zMoatPS%3D%26zMoatST%3D%26zMoatSZ%3D728x90%26zMoatMMV%3DnoHistData%26zMoatMGV%3DnoHistData%26zMoatMData%3D1&fq=1&sy=1&gh=0&wb=0&g=0&na=726695769&cs=0
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 28 Nov 2021 06:11:15 GMT

GET
H2 200 buyers Show response
dmx.districtm.io/s/v1/ Frame FA90 579 B
899 B 73ms
55ms XHR
application/json 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/buyers

Requested by

Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af2ada855d95f876ddd52ebb2cc47a2325b11c0bced191ea898929d6b7afe537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: DELETE, GET, OPTIONS, POST
content-type: application/json
access-control-allow-origin: https://cdn.districtm.io
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b5170133a4c714b-YUL
access-control-allow-headers: Origin, Content-Type

GET
H/1.1 200
OK manifest.mpd Show response
capi.9c9media.com/destinations/bnn_web/platforms/desktop/bond/contents/2331316/contentpackages/4693242/ 4 KB
1 KB 22ms
20ms Fetch
application/f4m+xml 23.217.28.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.9c9media.com/destinations/bnn_web/platforms/desktop/bond/contents/2331316/contentpackages/4693242/manifest.mpd
Requested by: Host: webapps.9c9media.com
URL: https://webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/provider.shaka.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.28.32 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-28-32.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.0 /
Resource Hash: 119f23088c007494c448d90df4bab4829ffc8d446e371a261b1c4c9d64f3a48f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Home: 9c9-axis-capi-12
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
Date: Sun, 28 Nov 2021 06:11:15 GMT
Vary: Accept-Encoding
Content-Type: application/f4m+xml; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Accept, X-FORWARDED-FOR, Home, authorization
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 784
Expires: Sun, 28 Nov 2021 06:11:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 6AC1 43 B
260 B 23ms
22ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&d=BELLMEDIA1%3A56418679%3A92336599%3A-&de=951656053455&t=1638079875083&i=MOAT_FEATHER_DEBUG1&gw=bellmediadfp605600943044&cm=1&ac=1&f=0&bq=0&ar=b4494b788bb-clean&iw=b175e8b&dMoatOQs=moatClientLevel1%3D18285079%26moatClientLevel2%3D547148719%26moatClientLevel3%3D4436813264%26moatClientLevel4%3D138360304040%26moatClientSlicer1%3D56418679%26moatClientSlicer2%3D92336599%26zMoatMSafety%3Dunsafe%26zMoatIPM%3D%26zMoatWD%3D30%26zMoatHT%3D1%26zMoatAdUnitPath%3D%2F5479%2Fctv.bnn%2FTechnology%2FArticle%26refresh%3D1%26zMoatIPMID%3D%26zMoatPS%3D%26zMoatST%3D%26zMoatSZ%3D30x1%26zMoatMMV%3DnoHistData%26zMoatMGV%3DnoHistData%26zMoatMData%3D1&fq=1&sy=1&gh=0&wb=0&g=0&na=1433514351&cs=0
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 28 Nov 2021 06:11:15 GMT

GET
DATA 200
OK truncated
/ Frame 6AC1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 403212ff1a4fd74eb325f1b558c3aba007976bba608fccaa828da49da05a7811

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame B712 19 KB
8 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com
URL: https://21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Dec 2021 06:08:35 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B712 22 KB
7 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com
URL: https://21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 05:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 25 Nov 2022 05:43:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B712 119 KB
36 KB 46ms
46ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com
URL: https://21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Nov 2021 06:11:15 GMT

GET
H3 200 bridge3.489.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 649C 580 KB
190 KB 47ms
19ms Document
text/html 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194780
date: Fri, 26 Nov 2021 03:34:23 GMT
expires: Sat, 26 Nov 2022 03:34:23 GMT
last-modified: Thu, 11 Nov 2021 23:22:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 182212
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 95ms
33ms Script
text/javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 06:11:15 GMT

GET
H2

200

625973123154 Show response
dmx.districtm.io/s/10022/ Frame FA90
Redirect Chain

https://ums.acuityplatform.com/tum?umid=137&rurl=https%3A%2F%2Fdmx.districtm.io%2Fs%2F10022%2F___AUID___
https://dmx.districtm.io/s/10022/625973123154

68 B
152 B

55ms
54ms

Script
application/javascript

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/10022/625973123154

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c71015df7a063d5a62318935f8a8252168f61779fcde2318ca61eee811450e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
date: Sun, 28 Nov 2021 06:11:15 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6b517014bb8c714b-YUL

Redirect headers

Access-Control-Allow-Origin: *
Content-Length: 0
Location: https://dmx.districtm.io/s/10022/625973123154

GET
H2

200

YaMdgQAAALyuUQPl Show response
dmx.us-east-33.districtm.io/s/10016/ Frame FA90
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-33.districtm.io/s/10016/$%7BTM_USER_ID%7D
https://dmx.us-east-33.districtm.io/s/10016/YaMdgQAAALyuUQPl

72 B
209 B

133ms
39ms

Script
application/javascript

35.231.227.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.us-east-33.districtm.io/s/10016/YaMdgQAAALyuUQPl

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Server

35.231.227.177 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

177.227.231.35.bc.googleusercontent.com

Software

Resource Hash

f0d88c17cfa7d70f260791623289835e8b6e0ffa7b82f30865b66f93ec18c050

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:15 GMT
content-length: 72
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8

Redirect headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:15 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1638079875.230485,VS0,VE0
x-served-by: cache-yul12822-YUL
x-cache: HIT
location: https://dmx.us-east-33.districtm.io/s/10016/YaMdgQAAALyuUQPl
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

y-SiGw0JpE2uGWuSf7.wGpEzdi_ojvcT8N~A~UPfe484cfa-5011-11ec-93ea-0aa43e051bf3 Show response
dmx.districtm.io/s/10051/ Frame FA90
Redirect Chain

https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPfe484cfa-5011-11ec-93ea-0aa43e051bf3
https://dmx.districtm.io/s/10051/y-SiGw0JpE2uGWuSf7.wGpEzdi_ojvcT8N~A~UPfe484cfa-5011-11ec-93ea-0aa43e051bf3

131 B
188 B

52ms
52ms

Script
application/javascript

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/10051/y-SiGw0JpE2uGWuSf7.wGpEzdi_ojvcT8N~A~UPfe484cfa-5011-11ec-93ea-0aa43e051bf3

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36dae2d5ab0d8767a959eac7ae4988230cd7ce976a6451804faf3f3aa0c9c19b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
date: Sun, 28 Nov 2021 06:11:15 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6b517014fbc0714b-YUL

Redirect headers

location: https://dmx.districtm.io/s/10051/y-SiGw0JpE2uGWuSf7.wGpEzdi_ojvcT8N~A~UPfe484cfa-5011-11ec-93ea-0aa43e051bf3
date: Sun, 28 Nov 2021 06:11:15 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

1813050708306528349 Show response
dmx.districtm.io/s/10056/ Frame FA90
Redirect Chain

https://p.rfihub.com/cm?pub=36496&in=1
https://dmx.districtm.io/s/10056/1813050708306528349

75 B
128 B

52ms
51ms

Script
application/javascript

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/10056/1813050708306528349

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bf2369e658fb3c9ea4c5a5a822e4c333102ea535f78354534f3e070a07006d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
date: Sun, 28 Nov 2021 06:11:15 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6b5170159c8f714b-YUL

Redirect headers

Location: https://dmx.districtm.io/s/10056/1813050708306528349
Date: Sun, 28 Nov 2021 06:11:15 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

y-DYyUYM1E2uF4r_kJELgrdSkbL0L7U1b9C51jlJ0-~A Show response
dmx.districtm.io/s/10057/ Frame FA90
Redirect Chain

https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=
https://dmx.districtm.io/s/10057/y-DYyUYM1E2uF4r_kJELgrdSkbL0L7U1b9C51jlJ0-~A

100 B
163 B

59ms
59ms

Script
application/javascript

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/10057/y-DYyUYM1E2uF4r_kJELgrdSkbL0L7U1b9C51jlJ0-~A

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7614e6ba0968f03c23550573abc2a4001be570b6ae2ddc6c1bf00b184e657744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
date: Sun, 28 Nov 2021 06:11:15 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6b517014bb87714b-YUL

Redirect headers

location: https://dmx.districtm.io/s/10057/y-DYyUYM1E2uF4r_kJELgrdSkbL0L7U1b9C51jlJ0-~A
date: Sun, 28 Nov 2021 06:11:15 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6AC1 0
0 40ms
39ms Fetch
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXHZYKpmxwQDVL-gPIYDAabfMplQsQ0Af0hBnUkCBgNHWz5YEnphGMQ9NgEjTZ-49qjJDOVTe3BQBh6vMP9hgC25v2lTBlbA0-uNLm2vueZC9xnhAk1cau2qEuYiD85z-S8toQlfKI0yqFOYdEyyITZQA6QMfMHvJzQnD6CWZqFyA66yrwOyRB2vxgNpzpKc38Eo8_3FycREdOLBTh6KYLTowuWH64pUqBIP7hhY332-iirh2mECAXYW7IUrfjorhtS5-Pi2zk9JOjO_vCSvmkKGvLtEFSGFIohTeXrpNZhAsgn7q9bedX7QaFRNBCavIhckfjydE&sig=Cg0ArKJSzAVcYLQCeatREAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 06:11:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 28 Nov 2021 06:11:15 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A1C9 37 KB
13 KB 71ms
19ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 05:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 28 Nov 2021 06:34:24 GMT

GET
H/1.1 200
OK init.mp4 Show response
pe-ak-vp07a-9c9media.akamaized.net/origin/ae/2021-11-26/84C821657630E5D5/dash/00010001/c0a395a2f73a06d3/index/ac09601b/bnn/stream/aac/v2/96000/ 588 B
1 KB 26ms
21ms Fetch
video/mp4 2600:141b:800::17c5:c1d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pe-ak-vp07a-9c9media.akamaized.net/origin/ae/2021-11-26/84C821657630E5D5/dash/00010001/c0a395a2f73a06d3/index/ac09601b/bnn/stream/aac/v2/96000/init.mp4
Requested by: Host: webapps.9c9media.com
URL: https://webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/provider.shaka.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:800::17c5:c1d3 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 57bed4a2798d28adf16ed139ae0a3e2ee832fa5c472de19be2874de5a917a851

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:15 GMT
Akamai-Mon-Iucid-Del: 578842
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control: max-age=31420794
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Content-Length: 588

GET
H/1.1 200
OK 0.m4f Show response
pe-ak-vp07a-9c9media.akamaized.net/origin/ae/2021-11-26/84C821657630E5D5/dash/00010001/c0a395a2f73a06d3/index/ac09601b/bnn/stream/aac/v2/96000/segment/ 48 KB
48 KB 50ms
28ms Fetch
video/mp4 2600:141b:800::17c5:c1d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pe-ak-vp07a-9c9media.akamaized.net/origin/ae/2021-11-26/84C821657630E5D5/dash/00010001/c0a395a2f73a06d3/index/ac09601b/bnn/stream/aac/v2/96000/segment/0.m4f
Requested by: Host: webapps.9c9media.com
URL: https://webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/provider.shaka.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:800::17c5:c1d3 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: aea013fd6ebe719829d6ba1888937eb71b555f57a4b4d16b06265d90f76aa946

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:15 GMT
Akamai-Mon-Iucid-Del: 578842
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control: max-age=31420869
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Content-Length: 48664

GET
H/1.1 200
OK init.mp4 Show response
pe-ak-vp07a-9c9media.akamaized.net/origin/ae/2021-11-26/84C821657630E5D5/dash/00010001/c0a395a2f73a06d3/index/ac09601b/bnn/stream/h264/v2/1856000/ 680 B
1 KB 58ms
21ms Fetch
video/mp4 2600:141b:800::17c5:c1d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pe-ak-vp07a-9c9media.akamaized.net/origin/ae/2021-11-26/84C821657630E5D5/dash/00010001/c0a395a2f73a06d3/index/ac09601b/bnn/stream/h264/v2/1856000/init.mp4
Requested by: Host: webapps.9c9media.com
URL: https://webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/provider.shaka.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:800::17c5:c1d3 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0e6eeaf5fdede93a23339c21346072623d2a58ae36986d6c4056fd27d299bf01

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:15 GMT
Akamai-Mon-Iucid-Del: 578842
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control: max-age=31420811
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Content-Length: 680

GET
H/1.1 200
OK 0.m4f Show response
pe-ak-vp07a-9c9media.akamaized.net/origin/ae/2021-11-26/84C821657630E5D5/dash/00010001/c0a395a2f73a06d3/index/ac09601b/bnn/stream/h264/v2/1856000/segment/ 901 KB
902 KB 85ms
48ms Fetch
video/mp4 2600:141b:800::17c5:c1d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pe-ak-vp07a-9c9media.akamaized.net/origin/ae/2021-11-26/84C821657630E5D5/dash/00010001/c0a395a2f73a06d3/index/ac09601b/bnn/stream/h264/v2/1856000/segment/0.m4f
Requested by: Host: webapps.9c9media.com
URL: https://webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/provider.shaka.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:800::17c5:c1d3 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b9c77c1a77dc5eb118607db267bcd1123921e64546734eef71e951b9af50b389

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:15 GMT
Akamai-Mon-Iucid-Del: 578842
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control: max-age=31420817
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Content-Length: 922738

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 21ms
19ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=ctv.bnn&zMoatAdUnit2=Technology&zMoatAdUnit3=Article&wf=1&ra=4&pxm=2&sgs=3&vb=4&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2F21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=BELLMEDIA_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-GKKOVythgEwLgg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&pcode=bellmediaprebidheader755367530455&rx=529378786612&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&rm=1&fy=970&gp=408&zGSRC=1&gu=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&id=1&ii=4&f=0&j=&t=1638079873582&de=820719166330&cu=1638079873582&m=1695&ar=7e5b6a28623-clean&iw=ed14c44&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=408&lb=2963&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A544%3A544%3A0%3A865&as=0&ag=42&an=0&gf=42&gg=0&ix=42&ic=42&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=42&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=84&cd=0&ah=84&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5083046367%3A2926482945%3A5817447030%3A138369465331&cm=1&bo=ctv.bnn&bd=Article&gw=bellmediaprebidheader755367530455&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195763&na=1544598330&cs=0
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 28 Nov 2021 06:11:15 GMT

GET
H3 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame B712 109 KB
38 KB 53ms
23ms Script
text/javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: 21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com
URL: https://21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com/
Origin: https://21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:21:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67759
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 11:21:56 GMT

POST
H2 200 state Show response
api.permutive.com/v1.0/ 0
87 B 110ms
109ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=b1a4360a-3db9-4b39-b09d-c3e14666840a
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 28 Nov 2021 06:11:15 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
access-control-allow-origin: https://www.bnnbloomberg.ca
access-control-max-age: 86400
access-control-allow-credentials: true
alt-svc: clear
content-length: 20
via: 1.1 google
access-control-expose-headers: *

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/ Frame 6761 8 KB
3 KB 47ms
20ms Document
text/html 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540c0cf84b680a0f646582c27c1af431ab4e09802f7041443f348231b10c10a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 2957
date: Sat, 27 Nov 2021 18:23:03 GMT
expires: Sun, 28 Nov 2021 18:23:03 GMT
last-modified: Wed, 27 Oct 2021 14:01:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 42492
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B712 0
23 B 36ms
36ms Image
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2BuBPPUVcc0eXvNJAaqnKMThuKxVhgIgVnjTYuZtoYMDx9ZeWAmmWYQbLWQ_qrw0M-it4ukh9_9iY4TQXQyI2pcGkqiZF6tTvJu_iV3EjCf12RRH4aCLiKiYJoY8YeC9SIV71dZIOJUy1CeaIJsxaf6Hgnuv0iEJLQ9AjWWgAb-Rivfd3qvGVj4N6JEVx8M80P3zBTSDb2j_gmlUS4JvOSOJYbSD7iqaPrqxLQ_97CIvAJdstY4Mg_PH0c_tAliq3pYeamybLmoo32WoO2LGJqbIu9L2WW-x_Q1dPwwBZFdvqVGuhl-mZalsgCGeXB-OMUsHaIVKZTA&sig=Cg0ArKJSzK_x0PKIy8KgEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com
URL: https://21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 06:11:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK 176128.m4f Show response
pe-ak-vp07a-9c9media.akamaized.net/origin/ae/2021-11-26/84C821657630E5D5/dash/00010001/c0a395a2f73a06d3/index/ac09601b/bnn/stream/aac/v2/96000/segment/ 47 KB
48 KB 29ms
29ms Fetch
video/mp4 2600:141b:800::17c5:c1d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pe-ak-vp07a-9c9media.akamaized.net/origin/ae/2021-11-26/84C821657630E5D5/dash/00010001/c0a395a2f73a06d3/index/ac09601b/bnn/stream/aac/v2/96000/segment/176128.m4f
Requested by: Host: webapps.9c9media.com
URL: https://webapps.9c9media.com/vidi-player/1.9.24/lib/jwplayer/provider.shaka.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:800::17c5:c1d3 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4c5c6c2cfdb23953e3821af8c749430ba72f0ebc8d3ff8f0ec5948a24ae49a2e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:15 GMT
Akamai-Mon-Iucid-Del: 578842
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control: max-age=31420828
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: origin,range,hdntl,hdnts
Content-Length: 48552

GET
H/1.1 200
OK ac Show response
ww1772.smartadserver.com/ 2 KB
2 KB 198ms
57ms Script
application/javascript 199.187.193.165
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1772.smartadserver.com/ac?pgid=662773&insid=7974420&tmstp=4492830109&out=js
Requested by: Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?bai=83&ut=&uts=&p_cust_params=amznbid%253D2%2526amznp%253D2%2526m_categories%253Dgv_crime%252Cmoat_unsafe%2526m_data%253D1%2526m_gv%253DnoHistData%2526m_mv%253DnoHistData%2526m_safety%253Dunsafe%2526permutive%253D20074%252C31279%252C32255%252C32335%252C61380%252Crts&flc=&slc=&windowlocation=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&usp=&gdpr=-1&cs=-1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.165 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: a5702526838a6eb12aeccef5256084709af4cdbe217bd3f7f405750ef1e64d96

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:15 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 7974420
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 078A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

281 B
554 B

93ms
26ms

Document
text/html

23.192.31.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Requested by: Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?bai=83&ut=&uts=&p_cust_params=amznbid%253D2%2526amznp%253D2%2526m_categories%253Dgv_crime%252Cmoat_unsafe%2526m_data%253D1%2526m_gv%253DnoHistData%2526m_mv%253DnoHistData%2526m_safety%253Dunsafe%2526permutive%253D20074%252C31279%252C32255%252C32335%252C61380%252Crts&flc=&slc=&windowlocation=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&usp=&gdpr=-1&cs=-1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-31-127.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40334-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 28 Nov 2021 06:11:15 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Date: Sun, 28 Nov 2021 06:11:15 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

um
sb.freeskreen.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1
https://sb.freeskreen.com/um?sa=3496748603547980566

43 B
551 B

25ms
24ms

Image
image/gif

3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?sa=3496748603547980566
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:15 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

location: https://sb.freeskreen.com/um?sa=3496748603547980566
pragma: no-cache
date: Sun, 28 Nov 2021 06:11:15 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

um
sb.freeskreen.com/
Redirect Chain

https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
https://sb.freeskreen.com/um?tlr=e47a14c31f9e4fa09388637eead9df47

43 B
507 B

28ms
28ms

Image
image/gif

3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?tlr=e47a14c31f9e4fa09388637eead9df47
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:15 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

location: https://sb.freeskreen.com/um?tlr=e47a14c31f9e4fa09388637eead9df47
date: Sun, 28 Nov 2021 06:11:15 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2

200

um
sb.freeskreen.com/
Redirect Chain

https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID}
https://sb.freeskreen.com/um?ac={$UID}

43 B
424 B

24ms
24ms

Image
image/gif

3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?ac={$UID}
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:15 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

Location: https://sb.freeskreen.com/um?ac={$UID}
Date: Sun, 28 Nov 2021 06:11:15 GMT
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

GET
H2

200

um
sb.freeskreen.com/
Redirect Chain

https://loadeu.exelator.com/load/?p=204&g=1300&j=0
https://loadeu.exelator.com/load/?p=204&g=1300&j=0&xl8blockcheck=1
https://sb.freeskreen.com/um?ni=de93c3c6b5722be4d39546f120f66d4e

43 B
481 B

24ms
24ms

Image
image/gif

3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?ni=de93c3c6b5722be4d39546f120f66d4e
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:15 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

date: Sun, 28 Nov 2021 06:11:15 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://sb.freeskreen.com/um?ni=de93c3c6b5722be4d39546f120f66d4e
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame F127 90 KB
33 KB 73ms
22ms Script
text/javascript 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 20:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Nov 2022 20:07:56 GMT

GET
H/1.1 200
OK fsk.css
static.freeskreen.com/css/20210107205009/default/ Frame F127 50 KB
29 KB 25ms
24ms Stylesheet
text/css 13.226.37.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.freeskreen.com/css/20210107205009/default/fsk.css
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-82.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31ace63fa339896dc045f21da77b1ffdc57160e2db5690b132766b0086d6f58e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 21:23:50 GMT
Content-Encoding: gzip
Age: 31645
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28958
Last-Modified: Thu, 07 Jan 2021 20:54:53 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1610052891/ctime:1610052892/gid:497/gname:jenkins/md5:ba07184144408ada0c1691c69221a457/mode:33188/mtime:1610052892/uid:498/uname:jenkins
ETag: "ba07184144408ada0c1691c69221a457"
x-amz-version-id: 5DtU9pV9aPv90d5PMlXs6Og9O1cWT0Fu
Via: 1.1 a0b94a243c49df97658a8a3ea0fe2d20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR53-C2
Accept-Ranges: bytes
Content-Type: text/css
X-Amz-Cf-Id: 3d_uMdJLAF90ixGIe88f6GgsSSYTLk-YdEB5TMkEjFykL95TUI1NKg==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 6DE8 90 KB
32 KB 70ms
36ms Script
text/javascript 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 20:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Nov 2022 20:07:56 GMT

GET
H/1.1 200
OK fsk.css
static.freeskreen.com/css/20210107205009/default/ Frame 6DE8 50 KB
29 KB 33ms
21ms Stylesheet
text/css 13.226.37.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.freeskreen.com/css/20210107205009/default/fsk.css
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-82.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31ace63fa339896dc045f21da77b1ffdc57160e2db5690b132766b0086d6f58e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 21:23:50 GMT
Content-Encoding: gzip
Age: 31645
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28958
Last-Modified: Thu, 07 Jan 2021 20:54:53 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1610052891/ctime:1610052892/gid:497/gname:jenkins/md5:ba07184144408ada0c1691c69221a457/mode:33188/mtime:1610052892/uid:498/uname:jenkins
ETag: "ba07184144408ada0c1691c69221a457"
x-amz-version-id: 5DtU9pV9aPv90d5PMlXs6Og9O1cWT0Fu
Via: 1.1 a0b94a243c49df97658a8a3ea0fe2d20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR53-C2
Accept-Ranges: bytes
Content-Type: text/css
X-Amz-Cf-Id: EWgU92rd2q2xlMaMxVD2Xmq5NB1AP9oeE4ngZwQc5IKVuxNfj0JfQQ==

GET
H2 200 css2
fonts.googleapis.com/ Frame 6761 5 KB
1 KB 86ms
35ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans+Condensed:wght@300;700&display=swap

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75ce4ec541727faa1ece8dcf8c69753e50a514909cfc576e96075646ff942db2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Nov 2021 05:03:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 28 Nov 2021 06:11:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Nov 2021 06:11:15 GMT

GET
H3 200 styles.css
s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/ Frame 6761 1 KB
529 B 20ms
19ms Stylesheet
text/css 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be92320c7984ae31e064c5f373633be2fca3b5b88ef21c2e122103ff90f1f3b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 00:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21892
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 503
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 14:01:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Nov 2021 00:06:23 GMT

GET
H3 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6761 109 KB
37 KB 34ms
32ms Script
text/javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 06:11:15 GMT

GET
H3 200 AdHelper.min.js Show response
s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/ Frame 6761 5 KB
2 KB 21ms
19ms Script
text/javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/AdHelper.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3582d8f876daa0abc599b25ff4cfafa8b992825d748881df655b13687f5647c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 00:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21892
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1666
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 14:01:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Nov 2021 00:06:23 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6761 236 KB
63 KB 42ms
40ms Script
text/javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 06:11:15 GMT

GET
H3 200 EN_300x250.js Show response
s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/ Frame 6761 45 KB
8 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/EN_300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a323a8d5dc0fcf665d428c66bd137f754f006764f46c20f8be027aa88d4059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 19:32:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7664
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 14:01:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 19:32:40 GMT

POST
H2 204 users Show response
dmx.districtm.io/s/v1/ Frame FA90 0
602 B 56ms
56ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/users

Requested by

Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdn.districtm.io/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 28 Nov 2021 06:11:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: DELETE, GET, OPTIONS, POST
access-control-allow-origin: https://cdn.districtm.io
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b5170172e2d714b-YUL
access-control-allow-headers: Origin, Content-Type

OPTIONS
H2 204 users
dmx.districtm.io/s/v1/ Frame 0
0 136ms
74ms Preflight 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/users

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://cdn.districtm.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 28 Nov 2021 06:11:15 GMT
cf-ray: 6b517016bb922d2e-ORD
access-control-allow-origin: https://cdn.districtm.io
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type
access-control-allow-methods: DELETE, GET, OPTIONS, POST
access-control-max-age: 14400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK player-hb.js Show response
static.freeskreen.com/scm/player/20211014b/ Frame F127 265 KB
68 KB 21ms
21ms Script
text/javascript 13.226.37.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.freeskreen.com/scm/player/20211014b/player-hb.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-82.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4af5765b7587881ef567c23d0aa9fcdbeff09e3354473ed56eca490f4df5ca30

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 1a20JKKbfSum1GD_kgL27p_j3szFYaZQ
Content-Encoding: gzip
ETag: "409ad7e8925e1ea5584c81bef309f239"
Age: 8981
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 69058
Last-Modified: Thu, 14 Oct 2021 20:54:36 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1634244865/ctime:1634244872/gid:20/gname:staff/md5:409ad7e8925e1ea5584c81bef309f239/mode:33188/mtime:1634244865/uid:501/uname:mickael
Date: Sun, 28 Nov 2021 03:41:35 GMT
Content-Type: text/javascript
Via: 1.1 a0b94a243c49df97658a8a3ea0fe2d20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR53-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: uz-Y08NJOu3swZZRrZSjebqKzxtEwNXoEPTxH_Wi2AfFu2EKIFuSlg==

GET
H/1.1 200
OK player-hb.js Show response
static.freeskreen.com/scm/player/20211014b/ Frame 6DE8 265 KB
68 KB 25ms
25ms Script
text/javascript 13.226.37.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.freeskreen.com/scm/player/20211014b/player-hb.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-82.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4af5765b7587881ef567c23d0aa9fcdbeff09e3354473ed56eca490f4df5ca30

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 1a20JKKbfSum1GD_kgL27p_j3szFYaZQ
Content-Encoding: gzip
ETag: "409ad7e8925e1ea5584c81bef309f239"
Age: 8981
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 69058
Last-Modified: Thu, 14 Oct 2021 20:54:36 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1634244865/ctime:1634244872/gid:20/gname:staff/md5:409ad7e8925e1ea5584c81bef309f239/mode:33188/mtime:1634244865/uid:501/uname:mickael
Date: Sun, 28 Nov 2021 03:41:35 GMT
Content-Type: text/javascript
Via: 1.1 b759e26bde22770788987f2078515d9b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR53-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: Mz4yugjUg7vZDyZz8LcIj8v_e9LsKHXAtOpQTVIOjG6QBFUYlw8mrw==

GET
H3 200 close.png
s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/ Frame 6761 3 KB
3 KB 21ms
20ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/close.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e2d72fa40d3f21ca3cd085c8dd447eb975214bbbd6d9af493b9b205f7626e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:59:10 GMT
x-content-type-options: nosniff
age: 22325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3053
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 14:01:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 23:59:10 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ Frame 6761 15 KB
15 KB 67ms
20ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans+Condensed:wght@300;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 07:47:42 GMT
x-content-type-options: nosniff
age: 80613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14872
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 27 Nov 2022 07:47:42 GMT

GET
H/1.1 200
OK F44630BFF8F3C6CE4CE115B339AF014D.cache.js Show response
static.freeskreen.com/gwt/20210107205009/advertisement/freeskreen_splitbox_client/ Frame F127 98 KB
34 KB 22ms
22ms Script
application/javascript 13.226.37.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.freeskreen.com/gwt/20210107205009/advertisement/freeskreen_splitbox_client/F44630BFF8F3C6CE4CE115B339AF014D.cache.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-82.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19ac7f7f03270e923c602d544845da674a088cbb610a4c76a6445f0d075b7d0f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: jP3BhKySKcISIxarwq4cPXWHxkq.8vAk
Content-Encoding: gzip
ETag: "ffc2c23e98e50d5acfafe8ccfc4dc585"
Age: 57203
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 34110
Last-Modified: Thu, 07 Jan 2021 20:54:06 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1610052721/ctime:1610052845/gid:497/gname:jenkins/md5:ffc2c23e98e50d5acfafe8ccfc4dc585/mode:33188/mtime:1610052721/uid:498/uname:jenkins
Date: Sat, 27 Nov 2021 14:17:53 GMT
Content-Type: application/javascript
Via: 1.1 b759e26bde22770788987f2078515d9b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR53-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: nEiFcTKAVk0KfYwC4ZZzz-RWqgLDhTi3ldTlOWqUd-lTDi3s6yfB8Q==

GET
H2 200 t.gif
sb.freeskreen.com/ Frame F127 43 B
257 B 25ms
24ms Image
image/gif 3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/t.gif?tm=1638079875&p=2315&c=2671&s=undefined&d=&v=&t=d996cb76-99cc-477d-abdf-adc5298b97e4&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1638079875435&gdpr=0&gdpr_consent=&e=AdOpened&m=2&x=null
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:15 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

GET
H/1.1 200
OK F44630BFF8F3C6CE4CE115B339AF014D.cache.js Show response
static.freeskreen.com/gwt/20210107205009/advertisement/freeskreen_splitbox_client/ Frame 6DE8 98 KB
34 KB 22ms
22ms Script
application/javascript 13.226.37.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.freeskreen.com/gwt/20210107205009/advertisement/freeskreen_splitbox_client/F44630BFF8F3C6CE4CE115B339AF014D.cache.js
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-82.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19ac7f7f03270e923c602d544845da674a088cbb610a4c76a6445f0d075b7d0f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: jP3BhKySKcISIxarwq4cPXWHxkq.8vAk
Content-Encoding: gzip
ETag: "ffc2c23e98e50d5acfafe8ccfc4dc585"
Age: 57203
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 34110
Last-Modified: Thu, 07 Jan 2021 20:54:06 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1610052721/ctime:1610052845/gid:497/gname:jenkins/md5:ffc2c23e98e50d5acfafe8ccfc4dc585/mode:33188/mtime:1610052721/uid:498/uname:jenkins
Date: Sat, 27 Nov 2021 14:17:53 GMT
Content-Type: application/javascript
Via: 1.1 b759e26bde22770788987f2078515d9b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR53-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: wTfQX4-QvSkI_VXcQEDWY-63rRSCM-ajn6hu5_LkkaVtT2DGpRi1wA==

GET
H2 200 t.gif
sb.freeskreen.com/ Frame 6DE8 43 B
257 B 23ms
23ms Image
image/gif 3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/t.gif?tm=1638079875&p=2315&c=5456&s=undefined&d=&v=&t=8f491c80-3dbe-4b27-b67f-051e766d3e71&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1638079875252&gdpr=0&gdpr_consent=&e=AdOpened&m=2&x=null
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:15 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 078A 32 KB
10 KB 25ms
25ms Script
text/html 23.192.31.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-31-127.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8226af808dd7629aa60d4db24f102b665e32885fe4fe88fdf7ec9e8d5c714c20

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=79948
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9513
Expires: Mon, 29 Nov 2021 04:23:43 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame FD7F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east

281 B
554 B

24ms
23ms

Document
text/html

23.192.31.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Requested by: Host: ww1772.smartadserver.com
URL: https://ww1772.smartadserver.com/ac?pgid=662773&insid=7974420&tmstp=4492830109&out=js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-31-127.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40334-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 28 Nov 2021 06:11:15 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Date: Sun, 28 Nov 2021 06:11:15 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H3 200 background.jpg
s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/ Frame 6761 35 KB
35 KB 21ms
20ms Image
image/jpeg 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/background.jpg?1634319167679

Requested by

Host: 21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com
URL: https://21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71fddc7192422e5dae0d9f12c31216b3a354b88d67b806150e4f8edcf9e6b2c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:59:11 GMT
x-content-type-options: nosniff
age: 22324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35363
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 14:01:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 23:59:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B712 0
0 35ms
35ms Fetch
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVrtdwhhO5H5gz7hEa9bCu9dPLG2fQzvB7BEDv-bXbfy0AJTYFBEhY8Kl-zvv1Qyn680hO_oXOk6YUm_dNUMURKIJYEfRweO4gZSYQI_qQ0kdWDL8ctOe8QFN757pfiQWeTrbGLtBemjQrQHlFnxXB-YSiPsfKdKLT71r8Vpv28B_EikQ5EfHa9MvYZ-EQFiYu3ElJcosCmdUWmAko1jim-BP8mIDNbirQDwIztEfGy6s0gicFnFjujNZSIXSvKAVZeK3AaIzA3K2iJAzpn1zmr5eLKeuxZaqm2QproVMuXLSO4r2r0AMXcjfDA8ukFrQMoBmZZrj12-w7&sig=Cg0ArKJSzIXJTeAeOADsEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 06:11:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 28 Nov 2021 06:11:15 GMT

OPTIONS
H2 204 users
dmx.districtm.io/s/v1/ Frame 0
0 70ms
69ms Preflight 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/users

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://cdn.districtm.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 28 Nov 2021 06:11:15 GMT
cf-ray: 6b517017ecc42d2e-ORD
access-control-allow-origin: https://cdn.districtm.io
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type
access-control-allow-methods: DELETE, GET, OPTIONS, POST
access-control-max-age: 14400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare

POST
H2 204 users Show response
dmx.districtm.io/s/v1/ Frame FA90 0
650 B 61ms
60ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/users

Requested by

Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdn.districtm.io/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 28 Nov 2021 06:11:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: DELETE, GET, OPTIONS, POST
access-control-allow-origin: https://cdn.districtm.io
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b5170184f19714b-YUL
access-control-allow-headers: Origin, Content-Type

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame FA90
Redirect Chain

https://dmx.districtm.io/s/v1/users/10002
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qRllSMEZoVFU1b2NFRjJabTFxZVhWaWJtaDFTa00wTmtsViJ9.ZfQbH37BdwYt2Cam7WAHAN...

43 B
556 B

30ms
30ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qRllSMEZoVFU1b2NFRjJabTFxZVhWaWJtaDFTa00wTmtsViJ9.ZfQbH37BdwYt2Cam7WAHANw_JxYmyKrdRbeci_uL8wDJHkmnRb05cZWjgeKhAd2RjT1ht_e4J9nY2KDS3_8_oA

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Nov 2021 06:11:15 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 45R11CRHN5H8WP272K2B
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 28 Nov 2021 06:11:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
location: https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qRllSMEZoVFU1b2NFRjJabTFxZVhWaWJtaDFTa00wTmtsViJ9.ZfQbH37BdwYt2Cam7WAHANw_JxYmyKrdRbeci_uL8wDJHkmnRb05cZWjgeKhAd2RjT1ht_e4J9nY2KDS3_8_oA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: DELETE, GET, OPTIONS, POST
access-control-allow-origin: https://cdn.districtm.io
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b517017dec5714b-YUL
access-control-allow-headers: Origin, Content-Type
content-length: 0

GET
H3 200 backgroundOver.jpg
s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/ Frame 6761 16 KB
16 KB 20ms
20ms Image
image/jpeg 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/backgroundOver.jpg?1634319167679

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aacb5cb33b90766cdfdc6de6f2e5699b34cdffbe3cc734f62ae7d0b4d389515b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:59:12 GMT
x-content-type-options: nosniff
age: 22323
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16179
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 14:01:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 23:59:12 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 078A 284 B
921 B 333ms
83ms Image
image/jpg 8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Content-Type: image/jpg

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FD7F 32 KB
10 KB 25ms
25ms Script
text/html 23.192.31.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-31-127.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8226af808dd7629aa60d4db24f102b665e32885fe4fe88fdf7ec9e8d5c714c20

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=79948
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9513
Expires: Mon, 29 Nov 2021 04:23:43 GMT

GET
H2 200 native Show response
sb.freeskreen.com/ Frame F127 26 KB
5 KB 32ms
32ms XHR
text/xml 3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.freeskreen.com/native?pid=2315&tid=d996cb76-99cc-477d-abdf-adc5298b97e4&w=339&h=339&u=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&ip=37.120.205.170&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&g_co=CA&g_p=QC&g_ci=Montreal&g_d=GM&s_1=&s_2=&cid=2671&sid=undefined&vid=29164&did=1553287&ttm=1638079875435
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 408dbdc362ec1c7052ad3b90f8139eac221c20487bf33fd4630ca6d8d3774f84

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:15 GMT
content-encoding: gzip
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: text/xml;charset=UTF-8
expires: -1

GET
H3 200 ima3vpaid Show response
tpc.googlesyndication.com/ Frame F127 1 KB
719 B 98ms
98ms XHR
text/xml 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=1638079875&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D1x1%26iu%3D%2F5479%2Fslimcut.bnn%26impl%3Ds%26gdfp_req%3D1%26env%3Dvp%26output%3Dvast%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Fwww.bnnbloomberg.ca%252Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26description_url%3Dhttps%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26correlator%3D1638079875%26cust_params%3Damznbid%253D2%2526amznp%253D2%2526m_categories%253Dgv_crime%252Cmoat_unsafe%2526m_data%253D1%2526m_gv%253DnoHistData%2526m_mv%253DnoHistData%2526m_safety%253Dunsafe%2526permutive%253D20074%252C31279%252C32255%252C32335%252C61380%252Crts&type=js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731bbd51a930d691acfce2f9c7ec17bfbc91425e554f1bdc12687060642dcd57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 06:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 696
x-xss-protection: 0

GET
H2 200 xpub Show response
bid.g.doubleclick.net/xbbe/bid/ Frame F127 4 KB
4 KB 436ms
95ms XHR
text/xml 142.251.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/bid/xpub?deal_id=13080903_697415&max_duration=15&ord=1638079875&dc_sdk_apis=[APIFRAMEWORKS]&dc_omid_p=[OMIDPARTNER]&dc_vast=3&dc_rdid=

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gm-in-f156.1e100.net

Software

cafe /

Resource Hash

b701c84841654eec2dacdd9cc42127154282f0ceea6f641b8d0a7192663846ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3796
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 banner.png
s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/ Frame 6761 264 B
288 B 20ms
19ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/banner.png?1634319167679

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1c136bbf5aeebe6ae7449c54739861a4f3a2f9bd5557a77962a0b23aaef54df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:59:12 GMT
x-content-type-options: nosniff
age: 22324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 264
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 14:01:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 23:59:12 GMT

GET
H/1.1 200
OK 20190702c.js Show response
static.freeskreen.com/scm/native/ Frame 1BE1 43 KB
44 KB 24ms
23ms Script
application/javascript 13.226.37.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.freeskreen.com/scm/native/20190702c.js
Requested by: Host: static.freeskreen.com
URL: https://static.freeskreen.com/scm/player/20211014b/player-hb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-82.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fcd000cf85f57ab53137ddc5b18cc20002c5273d1b451f19ba1ae5d08212738

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:05:55 GMT
Via: 1.1 b759e26bde22770788987f2078515d9b.cloudfront.net (CloudFront)
Last-Modified: Tue, 02 Jul 2019 07:26:47 GMT
Server: AmazonS3
Age: 83122
ETag: "2343c11d4abb9f0ba9dddb941f762c07"
X-Cache: Hit from cloudfront
x-amz-version-id: I_cdT9yccte2OYFu.NVZw15Nsm1buxE5
Connection: keep-alive
X-Amz-Cf-Pop: EWR53-C2
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 44145
X-Amz-Cf-Id: 3-ZO_NRMR8lS5peD5U2JVDgQUP_igFb8T2RE_MONa67OgjH2FPU6Lw==

GET
H2 200 t.gif
sb.freeskreen.com/ Frame F127 43 B
257 B 25ms
24ms Image
image/gif 3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/t.gif?tm=1638079876&p=2315&c=2671&s=undefined&d=1553287&v=29164&t=d996cb76-99cc-477d-abdf-adc5298b97e4&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1638079875435&gdpr=0&gdpr_consent=&e=VastRequest&m=1&x=https%3A%2F%2Fsb.freeskreen.com%2Fnative%3Fpid%3D2315%26tid%3Dd996cb76-99cc-477d-abdf-adc5298b97e4%26w%3D339%26h%3D339%26u%3Dhttps%253A%252F%252Fwww.bnnbloomberg.ca%252Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26ip%3D37.120.205.170%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F96.0.4664.45%2520Safari%252F537.36%26g_co%3DCA%26g_p%3DQC%26g_ci%3DMontreal%26g_d%3DGM%26s_1%3D%26s_2%3D%26cid%3D2671%26sid%3Dundefined%26vid%3D29164%26did%3D1553287%26ttm%3D1638079875435
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame FD7F 284 B
922 B 278ms
86ms Image
image/jpg 8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Content-Type: image/jpg

GET
H3 200 ima3vpaid Show response
tpc.googlesyndication.com/ Frame 6DE8 1 KB
719 B 33ms
33ms XHR
text/xml 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=1638079876&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D1x1%26iu%3D%2F5479%2Fslimcut.bnn%26impl%3Ds%26gdfp_req%3D1%26env%3Dvp%26output%3Dvast%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Fwww.bnnbloomberg.ca%252Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26description_url%3Dhttps%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26correlator%3D1638079876%26cust_params%3Damznbid%253D2%2526amznp%253D2%2526m_categories%253Dgv_crime%252Cmoat_unsafe%2526m_data%253D1%2526m_gv%253DnoHistData%2526m_mv%253DnoHistData%2526m_safety%253Dunsafe%2526permutive%253D20074%252C31279%252C32255%252C32335%252C61380%252Crts&type=js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa7442fda2d46833d2b3b6085e4cc439b6a53778dcef499de526b9511bfab79a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 06:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 696
x-xss-protection: 0

GET
H2 200 native Show response
sb.freeskreen.com/ Frame 6DE8 9 KB
3 KB 30ms
30ms XHR
text/xml 3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.freeskreen.com/native?pid=2315&tid=8f491c80-3dbe-4b27-b67f-051e766d3e71&w=620&h=348&u=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&ip=37.120.205.170&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&g_co=CA&g_p=QC&g_ci=Montreal&g_d=GM&s_1=&s_2=&cid=5456&sid=undefined&vid=29557&did=1580479&ttm=1638079875252
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: fbf7b5d16731bec08d287cba85ab175d64993360dc821dc27bfabf636786ecbb

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
content-encoding: gzip
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: text/xml;charset=UTF-8
expires: -1

GET
H2 200 tag Show response
pc083-12m5d.ads.tremorhub.com/ad/ Frame 6DE8 55 B
600 B 243ms
172ms XHR
application/json 2600:1f18:612b:4264:e1d3:1d00:f599:e1ca
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pc083-12m5d.ads.tremorhub.com/ad/tag?adCode=pc083-fbfyf&playerWidth=620&playerHeight=348&playerPosition=3&srcPageUrl=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&gdpr=0&gdpr_consent=&custom=5456&c2=en-ca&floor=USD:0.8&us_privacy=&fmt=json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:e1d3:1d00:f599:e1ca Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 988fa32f9f3d00045cf5d10dd6e5a0478f7d5a2401ce8a9d3893e2af4e03c346

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: application/json;charset=UTF-8

GET
H2 200 bid Show response
ads.freeskreen.com/ Frame 6DE8 0
203 B 86ms
24ms XHR
text/plain 44.194.222.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.freeskreen.com/bid?pid=2315&tid=8f491c80-3dbe-4b27-b67f-051e766d3e71&w=620&h=348&u=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&ip=37.120.205.170&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&g_co=CA&g_p=QC&g_ci=Montreal&g_d=GM&s_1=&s_2=&cid=5456&sid=undefined&vid=298&did=843723&pf=80&ttm=1638079875252&eu_c=&eu_g=0&eu_ggl=0
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.222.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-222-26.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
server: Apache-Coyote/1.1
access-control-allow-methods: GET
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: -1

GET
H3 200 cta.png
s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/ Frame 6761 2 KB
2 KB 19ms
19ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/cta.png?1634319167679

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d46e87390566f921c9d33599a1ca9538342cc20fd26751d96c2062deb28c445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:59:12 GMT
x-content-type-options: nosniff
age: 22324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2045
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 14:01:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 23:59:12 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DED9 42 B
64 B 72ms
42ms Fetch
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiiDop0rmVrzcaa9ANP9zMQfpjVooeGQvY0UuyrDHUkFUA9FZz-BlvjE3P23xguZCrL4eFxG1WTOhFpU3fGC-Tg8aY23mi--WVnj33bHySBc3qo4_Y&sig=Cg0ArKJSzN0R0iG5hwpfEAE&id=lidar2&mcvt=1001&p=217,436,307,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1403910068&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638079874662&rpt=366&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame E260 44 KB
16 KB 38ms
37ms Script
text/javascript 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D1x1%26iu%3D/5479/slimcut.bnn%26impl%3Ds%26gdfp_req%3D1%26env%3Dvp%26output%3Dvast%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Fwww.bnnbloomberg.ca%252Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26description_url%3Dhttps://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26correlator%3D1638079875%26cust_params%3Damznbid%253D2%2526amznp%253D2%2526m_categories%253Dgv_crime%252Cmoat_unsafe%2526m_data%253D1%2526m_gv%253DnoHistData%2526m_mv%253DnoHistData%2526m_safety%253Dunsafe%2526permutive%253D20074%252C31279%252C32255%252C32335%252C61380%252Crts%26channel%3Dvastadp&correlator=1638079875

Requested by

Host: static.freeskreen.com
URL: https://static.freeskreen.com/scm/player/20211014b/player-hb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b502ddf7d29f73f9b57ad131c1d5768503cd38eafc1cc7689fbbc3522d82fa74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16317
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 23:24:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Sun, 28 Nov 2021 06:26:16 GMT

GET
H2 200 t.gif
sb.freeskreen.com/ Frame F127 43 B
257 B 25ms
25ms Image
image/gif 3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/t.gif?tm=1638079876&p=2315&c=2671&s=undefined&d=90361&v=11524&t=d996cb76-99cc-477d-abdf-adc5298b97e4&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1638079875435&gdpr=0&gdpr_consent=&e=VastRequest&m=1&x=https%3A%2F%2Ftpc.googlesyndication.com%2Fima3vpaid%3Fvad_format%3Dlinear%26correlator%3D1638079876%26adtagurl%3Dhttps%253A%252F%252Fpubads.g.doubleclick.net%252Fgampad%252Fads%253Fsz%253D1x1%2526iu%253D%252F5479%252Fslimcut.bnn%2526impl%253Ds%2526gdfp_req%253D1%2526env%253Dvp%2526output%253Dvast%2526unviewed_position_start%253D1%2526url%253Dhttps%25253A%25252F%25252Fwww.bnnbloomberg.ca%25252Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%2526description_url%253Dhttps%253A%252F%252Fwww.bnnbloomberg.ca%252Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%2526correlator%253D1638079876%2526cust_params%253Damznbid%25253D2%252526amznp%25253D2%252526m_categories%25253Dgv_crime%25252Cmoat_unsafe%252526m_data%25253D1%252526m_gv%25253DnoHistData%252526m_mv%25253DnoHistData%252526m_safety%25253Dunsafe%252526permutive%25253D20074%25252C31279%25252C32255%25252C32335%25252C61380%25252Crts%26type%3Djs
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

GET
H/1.1 200
OK 215082650948131593838430001891DisplaySGOBHSCOTBHDIBCBELCANNUAWAAODIBYDISPADISP1X1ALBOSNATRONCPMDV1PARA19CXDENNUNUBellCarouselUnit2Orchard_1633545235.xml Show response
video.freeskreen.com/29164/ Frame F127 2 KB
1 KB 78ms
22ms XHR
application/xml 13.226.37.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.freeskreen.com/29164/215082650948131593838430001891DisplaySGOBHSCOTBHDIBCBELCANNUAWAAODIBYDISPADISP1X1ALBOSNATRONCPMDV1PARA19CXDENNUNUBellCarouselUnit2Orchard_1633545235.xml?_cb=1638079876
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-90.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19358179a0f3d8c2be4fc211712b12b3223ceec8115ebb9f631ae0aeb63a0f3a

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 03:46:36 GMT
Content-Encoding: gzip
Vary: Origin
Age: 8681
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 839
Access-Control-Allow-Origin: *
Last-Modified: Wed, 06 Oct 2021 18:33:56 GMT
Server: AmazonS3
ETag: "7086b7b9fb924250fad3126bde3070b4"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Via: 1.1 081adfb0526af4d4162283117d917419.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR53-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: vmNF9MMojb5PZQ3LCTYtwySH2usQeDn-XNhxFCzaqKtkshRHBeIA7g==

GET
H/1.1 200
OK 20181018a.js Show response
static.freeskreen.com/scm/carousel/ Frame 1BE1 11 KB
11 KB 23ms
23ms Script
application/javascript 13.226.37.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.freeskreen.com/scm/carousel/20181018a.js
Requested by: Host: static.freeskreen.com
URL: https://static.freeskreen.com/scm/native/20190702c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-82.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 787681d490f9a1532674c68aed1b9d87fc0ce0673d9870b307c6be02375add4d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: J_1SUPOJBGCQ0lYIdYT0RRYJt1bYwjnY
Via: 1.1 b759e26bde22770788987f2078515d9b.cloudfront.net (CloudFront)
Last-Modified: Thu, 18 Oct 2018 06:10:03 GMT
Server: AmazonS3
Age: 27561
ETag: "b9d6609f6d727c22c320fdf13b8f2dba"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Date: Sat, 27 Nov 2021 22:31:56 GMT
X-Amz-Cf-Pop: EWR53-C2
Accept-Ranges: bytes
Content-Length: 11019
X-Amz-Cf-Id: 0yFnqLwhrrEaQI8z5hoVhruzj3Z4i4UgDZN-F2zAJ9kz9C1RbJZefQ==

GET
H/1.1 200
OK 20211006143218_13447_DI22-110_Bell_Media_Singleton_Logo.jpg
video.freeskreen.com/13447/ Frame 1BE1 122 KB
122 KB 77ms
25ms Image
image/jpeg 13.226.37.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.freeskreen.com/13447/20211006143218_13447_DI22-110_Bell_Media_Singleton_Logo.jpg
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-90.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d733932f7c22987e4f0e86fb3e3d4b29f22b04d169709e23450a78c1c1b7e594

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 01:56:35 GMT
Via: 1.1 ee623581f95aa65c7c8707871d87b791.cloudfront.net (CloudFront)
Last-Modified: Wed, 06 Oct 2021 14:32:20 GMT
Server: AmazonS3
Age: 15282
ETag: "4830721043e5fb13600b05fc4e80cb6f"
X-Cache: Hit from cloudfront
Content-Type: image%2Fjpeg
Connection: keep-alive
X-Amz-Cf-Pop: EWR53-C2
Accept-Ranges: bytes
Content-Length: 124654
X-Amz-Cf-Id: T-QLQifewNSvh0TpKMYw0K5u-c9P4OJDYZeOZEvGSlG6RPOrWFe5rg==

GET
H/1.1 200
OK 20211001184218_13447_DI21-135_Social_Autumnal%20Glendullan%20F21%20Q2%20Facebook-Single%20fix.jpg
video.freeskreen.com/13447/ Frame 1BE1 800 KB
800 KB 79ms
27ms Image
image/jpeg 13.226.37.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.freeskreen.com/13447/20211001184218_13447_DI21-135_Social_Autumnal%20Glendullan%20F21%20Q2%20Facebook-Single%20fix.jpg
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-90.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c1f230112bbd9ef926d03c3c605b4341b1224f8787dd0eb0d8deb889b0c5cf9

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 08:21:22 GMT
Via: 1.1 2f04b33f21912079fa9d6afaee0c5dd0.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Oct 2021 18:42:19 GMT
Server: AmazonS3
Age: 78726
ETag: "55e9d72ba32620f84c08ac3a606bac84"
X-Cache: Hit from cloudfront
Content-Type: image%2Fjpeg
Connection: keep-alive
X-Amz-Cf-Pop: EWR53-C2
Accept-Ranges: bytes
Content-Length: 818805
X-Amz-Cf-Id: 8ThVSzG-NPxdlnAPDSz-Jo8Lw18cC9Iksuf1MWSTBaHnMtzjUj09NA==

GET
H/1.1 200
OK 20211001184038_13447_DI21-135_Social_WhiskySour_Instagram_Orchard.jpg
video.freeskreen.com/13447/ Frame 1BE1 2 MB
2 MB 82ms
29ms Image
image/jpeg 13.226.37.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.freeskreen.com/13447/20211001184038_13447_DI21-135_Social_WhiskySour_Instagram_Orchard.jpg
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-90.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1bdbe685db7b4aa57327bfbac0bef5b7636d0cdd4fd4ccf974ae5b552927a7d4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 09:05:27 GMT
Via: 1.1 c5b9a0c64a4bfd127a52280a230003d2.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Oct 2021 18:40:39 GMT
Server: AmazonS3
Age: 78063
ETag: "ed5ce478712863bf1b80ae432b5f764e"
X-Cache: Hit from cloudfront
Content-Type: image%2Fjpeg
Connection: keep-alive
X-Amz-Cf-Pop: EWR53-C2
Accept-Ranges: bytes
Content-Length: 1647604
X-Amz-Cf-Id: 67O6lqlApRo_5Xfa6jdfTvTwgude43s9e-1KgJKKCexiAaOV--wwew==

GET
H/1.1 200
OK 20211001184311_13447_DI21-191%20-%20February%20Social%20Masking%20-%20Singleton%20Hot%20Toddy%20-%201080%20x%201080.png
video.freeskreen.com/13447/ Frame 1BE1 2 MB
2 MB 87ms
34ms Image
image/png 13.226.37.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.freeskreen.com/13447/20211001184311_13447_DI21-191%20-%20February%20Social%20Masking%20-%20Singleton%20Hot%20Toddy%20-%201080%20x%201080.png
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-90.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f480ef3f6ce9db3e8547578268f28762d4482cdfd8086061ee3a2df88e3a4780

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 09:15:03 GMT
Via: 1.1 94344436af750794f6bc9899d89d3a0a.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Oct 2021 18:43:12 GMT
Server: AmazonS3
Age: 77023
ETag: "3dbc9838d46c02c792bf893887e2596d"
X-Cache: Hit from cloudfront
Content-Type: image%2Fpng
Connection: keep-alive
X-Amz-Cf-Pop: EWR53-C2
Accept-Ranges: bytes
Content-Length: 2062365
X-Amz-Cf-Id: 8_xxzNG2Kqbvgyh4eOS0GTe_Qd8lF5JSw5JXSp6do6MmKK1iGoBAhg==

GET
H3 200 disclaimer.png
s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/ Frame 6761 963 B
987 B 21ms
20ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/disclaimer.png?1634319167679

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8cdba89cda9fe880f1461f10682443ad92d9eb43df8409b7fcffb844e1f9291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:59:12 GMT
x-content-type-options: nosniff
age: 22324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 963
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 14:01:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 23:59:12 GMT

GET
H/1.1 200
OK 20190702c.js Show response
static.freeskreen.com/scm/native/ Frame 44F8 43 KB
44 KB 25ms
24ms Script
application/javascript 13.226.37.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.freeskreen.com/scm/native/20190702c.js
Requested by: Host: static.freeskreen.com
URL: https://static.freeskreen.com/scm/player/20211014b/player-hb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-82.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fcd000cf85f57ab53137ddc5b18cc20002c5273d1b451f19ba1ae5d08212738

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 07:05:55 GMT
Via: 1.1 a0b94a243c49df97658a8a3ea0fe2d20.cloudfront.net (CloudFront)
Last-Modified: Tue, 02 Jul 2019 07:26:47 GMT
Server: AmazonS3
Age: 83122
ETag: "2343c11d4abb9f0ba9dddb941f762c07"
X-Cache: Hit from cloudfront
x-amz-version-id: I_cdT9yccte2OYFu.NVZw15Nsm1buxE5
Connection: keep-alive
X-Amz-Cf-Pop: EWR53-C2
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 44145
X-Amz-Cf-Id: EFhwGv84yj-z2pwhS7u3TZwhExE_K4hTx2T-wd4nzNvoIgG_Eij91A==

GET
H2 200 t.gif
sb.freeskreen.com/ Frame 6DE8 43 B
257 B 25ms
25ms Image
image/gif 3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/t.gif?tm=1638079876&p=2315&c=5456&s=undefined&d=1580479&v=29557&t=8f491c80-3dbe-4b27-b67f-051e766d3e71&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1638079875252&gdpr=0&gdpr_consent=&e=VastRequest&m=1&x=https%3A%2F%2Fsb.freeskreen.com%2Fnative%3Fpid%3D2315%26tid%3D8f491c80-3dbe-4b27-b67f-051e766d3e71%26w%3D620%26h%3D348%26u%3Dhttps%253A%252F%252Fwww.bnnbloomberg.ca%252Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26ip%3D37.120.205.170%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F96.0.4664.45%2520Safari%252F537.36%26g_co%3DCA%26g_p%3DQC%26g_ci%3DMontreal%26g_d%3DGM%26s_1%3D%26s_2%3D%26cid%3D5456%26sid%3Dundefined%26vid%3D29557%26did%3D1580479%26ttm%3D1638079875252
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

GET
H3 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame AB4D 44 KB
16 KB 39ms
39ms Script
text/javascript 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D1x1%26iu%3D/5479/slimcut.bnn%26impl%3Ds%26gdfp_req%3D1%26env%3Dvp%26output%3Dvast%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Fwww.bnnbloomberg.ca%252Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26description_url%3Dhttps://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26correlator%3D1638079876%26cust_params%3Damznbid%253D2%2526amznp%253D2%2526m_categories%253Dgv_crime%252Cmoat_unsafe%2526m_data%253D1%2526m_gv%253DnoHistData%2526m_mv%253DnoHistData%2526m_safety%253Dunsafe%2526permutive%253D20074%252C31279%252C32255%252C32335%252C61380%252Crts%26channel%3Dvastadp&correlator=1638079876

Requested by

Host: static.freeskreen.com
URL: https://static.freeskreen.com/scm/player/20211014b/player-hb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b502ddf7d29f73f9b57ad131c1d5768503cd38eafc1cc7689fbbc3522d82fa74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16317
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 23:24:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Sun, 28 Nov 2021 06:26:16 GMT

GET
H2 200 t.gif
sb.freeskreen.com/ Frame 6DE8 43 B
257 B 25ms
25ms Image
image/gif 3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/t.gif?tm=1638079876&p=2315&c=5456&s=undefined&d=1524679&v=11524&t=8f491c80-3dbe-4b27-b67f-051e766d3e71&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1638079875252&gdpr=0&gdpr_consent=&e=VastRequest&m=1&x=https%3A%2F%2Ftpc.googlesyndication.com%2Fima3vpaid%3Fvad_format%3Dlinear%26correlator%3D1638079876%26adtagurl%3Dhttps%253A%252F%252Fpubads.g.doubleclick.net%252Fgampad%252Fads%253Fsz%253D1x1%2526iu%253D%252F5479%252Fslimcut.bnn%2526impl%253Ds%2526gdfp_req%253D1%2526env%253Dvp%2526output%253Dvast%2526unviewed_position_start%253D1%2526url%253Dhttps%25253A%25252F%25252Fwww.bnnbloomberg.ca%25252Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%2526description_url%253Dhttps%253A%252F%252Fwww.bnnbloomberg.ca%252Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%2526correlator%253D1638079876%2526cust_params%253Damznbid%25253D2%252526amznp%25253D2%252526m_categories%25253Dgv_crime%25252Cmoat_unsafe%252526m_data%25253D1%252526m_gv%25253DnoHistData%252526m_mv%25253DnoHistData%252526m_safety%25253Dunsafe%252526permutive%25253D20074%25252C31279%25252C32255%25252C32335%25252C61380%25252Crts%26type%3Djs
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

GET
H2 200 t.gif
sb.freeskreen.com/ Frame 6DE8 43 B
257 B 26ms
24ms Image
image/gif 3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/t.gif?tm=1638079876&p=2315&c=5456&s=undefined&d=843723&v=298&t=8f491c80-3dbe-4b27-b67f-051e766d3e71&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1638079875252&gdpr=0&gdpr_consent=&e=VastRequest&m=1&x=https%3A%2F%2Fads.freeskreen.com%2Fbid%3Fpid%3D2315%26tid%3D8f491c80-3dbe-4b27-b67f-051e766d3e71%26w%3D620%26h%3D348%26u%3Dhttps%253A%252F%252Fwww.bnnbloomberg.ca%252Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26ip%3D37.120.205.170%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F96.0.4664.45%2520Safari%252F537.36%26g_co%3DCA%26g_p%3DQC%26g_ci%3DMontreal%26g_d%3DGM%26s_1%3D%26s_2%3D%26cid%3D5456%26sid%3Dundefined%26vid%3D298%26did%3D843723%26pf%3D80%26ttm%3D1638079875252%26eu_c%3D%26eu_g%3D0%26eu_ggl%3D0
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

GET
H2 200 t.gif
sb.freeskreen.com/ Frame 6DE8 43 B
257 B 27ms
24ms Image
image/gif 3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/t.gif?tm=1638079876&p=2315&c=5456&s=undefined&d=843723&v=298&t=8f491c80-3dbe-4b27-b67f-051e766d3e71&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1638079875252&gdpr=0&gdpr_consent=&e=VastEmpty&m=1&x=
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

GET
H3 200 logos.png
s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/ Frame 6761 7 KB
7 KB 20ms
20ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/logos.png?1634319167679

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a0cbe1065a9839a06ebe3b99f0013a5902b8ef0319dea3114683c9408887b18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:59:13 GMT
x-content-type-options: nosniff
age: 22323
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7007
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 14:01:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 23:59:13 GMT

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame E260 368 KB
122 KB 40ms
39ms Script
text/javascript 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D1x1%26iu%3D/5479/slimcut.bnn%26impl%3Ds%26gdfp_req%3D1%26env%3Dvp%26output%3Dvast%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Fwww.bnnbloomberg.ca%252Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26description_url%3Dhttps://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26correlator%3D1638079875%26cust_params%3Damznbid%253D2%2526amznp%253D2%2526m_categories%253Dgv_crime%252Cmoat_unsafe%2526m_data%253D1%2526m_gv%253DnoHistData%2526m_mv%253DnoHistData%2526m_safety%253Dunsafe%2526permutive%253D20074%252C31279%252C32255%252C32335%252C61380%252Crts%26channel%3Dvastadp&correlator=1638079875

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ccb64cb52eff9e8c10713a938a73ec2461b8b1e71acef86c52cd7242c3b0090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125138
x-xss-protection: 0
expires: Sun, 28 Nov 2021 06:11:16 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E260 0
20 B 69ms
41ms Ping
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.5061560756742296&wt=1638079876171&sdkv=h.3.489.0&xai=undefined&url=2,https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752$0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 20211019193941_13589_Sonnet_HR-Native-V3.jpg
video.freeskreen.com/13589/ Frame 44F8 80 KB
81 KB 45ms
28ms Image
image/jpeg 13.226.37.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.freeskreen.com/13589/20211019193941_13589_Sonnet_HR-Native-V3.jpg
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-90.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75c15f9d64bbf61d39fb1403f65fb91ba49d60f33bb4d5b31571caaef15da96d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 00:09:15 GMT
Via: 1.1 ee623581f95aa65c7c8707871d87b791.cloudfront.net (CloudFront)
Last-Modified: Tue, 19 Oct 2021 19:39:42 GMT
Server: AmazonS3
Age: 21722
ETag: "8380fe93a836cf2baf7c5818669b3c7c"
X-Cache: Hit from cloudfront
Content-Type: image%2Fjpeg
Connection: keep-alive
X-Amz-Cf-Pop: EWR53-C2
Accept-Ranges: bytes
Content-Length: 82281
X-Amz-Cf-Id: VfdDbY0_RMiHUhyTv6wdaV9QTKai6xvnDKFxttxjX3-n_0g7QSe_NQ==

GET
H/1.1 200
OK 20211019193942_13589_1598904625135.jpg
video.freeskreen.com/13589/ Frame 44F8 3 KB
4 KB 98ms
48ms Image
image/jpeg 13.226.37.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.freeskreen.com/13589/20211019193942_13589_1598904625135.jpg
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-90.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f45228579b3eec5255d1f0a14e59ed0ab9c4bfd3be08a5618ee826aa80483a75

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 00:09:15 GMT
Via: 1.1 d8231fd704ad0bc5e49083372d79c2c0.cloudfront.net (CloudFront)
Last-Modified: Tue, 19 Oct 2021 19:39:43 GMT
Server: AmazonS3
Age: 21722
ETag: "9c06537aea8ec7142fb31be2570b8e60"
X-Cache: Hit from cloudfront
Content-Type: image%2Fjpeg
Connection: keep-alive
X-Amz-Cf-Pop: EWR53-C2
Accept-Ranges: bytes
Content-Length: 3155
X-Amz-Cf-Id: bxOvCMlTNOzw-YLQYmTuJK8Yz_IKhlWVdVowDsWLCtrKbM9KHCIyZA==

GET
H2 200 t.gif
sb.freeskreen.com/ Frame F127 43 B
257 B 27ms
26ms Image
image/gif 3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/t.gif?tm=1638079876&p=2315&c=2671&s=undefined&d=1553287&v=29164&t=d996cb76-99cc-477d-abdf-adc5298b97e4&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1638079875435&gdpr=0&gdpr_consent=&e=VastRequest&m=1&x=https%3A%2F%2Fvideo.freeskreen.com%2F29164%2F215082650948131593838430001891DisplaySGOBHSCOTBHDIBCBELCANNUAWAAODIBYDISPADISP1X1ALBOSNATRONCPMDV1PARA19CXDENNUNUBellCarouselUnit2Orchard_1633545235.xml%3F_cb%3D1638079876
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

GET
H/1.1 206
Partial Content 20211001183845_240p.mp4
video.freeskreen.com/29164/ Frame 1BE1 944 KB
944 KB 67ms
24ms Media
video/mp4 13.226.37.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.freeskreen.com/29164/20211001183845_240p.mp4
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-90.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e3a4a55757296f3d00ca0db43b97264a4709c13dcab42db8ed99ed4aecbe7f3

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 27 Nov 2021 09:21:35 GMT
Via: 1.1 968753ca270b3abbf31cdfc00e23b163.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Oct 2021 18:40:53 GMT
Server: AmazonS3
Age: 74982
ETag: "29ccf74acec372eabf9f3af706d80cbe"
X-Cache: Hit from cloudfront
Content-Type: video/mp4
Content-Range: bytes 0-966286/966287
Connection: keep-alive
X-Amz-Cf-Pop: EWR53-C2
Accept-Ranges: bytes
Content-Length: 966287
X-Amz-Cf-Id: aUHatEzYPoQrh7TUz7xp2AklhmN73Q5-0Do1cq9i7mCdO_hG1_AHFQ==

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame AB4D 368 KB
122 KB 42ms
41ms Script
text/javascript 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D1x1%26iu%3D/5479/slimcut.bnn%26impl%3Ds%26gdfp_req%3D1%26env%3Dvp%26output%3Dvast%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Fwww.bnnbloomberg.ca%252Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26description_url%3Dhttps://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26correlator%3D1638079876%26cust_params%3Damznbid%253D2%2526amznp%253D2%2526m_categories%253Dgv_crime%252Cmoat_unsafe%2526m_data%253D1%2526m_gv%253DnoHistData%2526m_mv%253DnoHistData%2526m_safety%253Dunsafe%2526permutive%253D20074%252C31279%252C32255%252C32335%252C61380%252Crts%26channel%3Dvastadp&correlator=1638079876

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ccb64cb52eff9e8c10713a938a73ec2461b8b1e71acef86c52cd7242c3b0090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125138
x-xss-protection: 0
expires: Sun, 28 Nov 2021 06:11:16 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB4D 0
20 B 53ms
42ms Ping
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.07431959895121465&wt=1638079876187&sdkv=h.3.489.0&xai=undefined&url=2,https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752$0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D1x1%26iu%3D/5479/slimcut.bnn%26impl%3Ds%26gdfp_req%3D1%26env%3Dvp%26output%3Dvast%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Fwww.bnnbloomberg.ca%252Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26description_url%3Dhttps://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26correlator%3D1638079876%26cust_params%3Damznbid%253D2%2526amznp%253D2%2526m_categories%253Dgv_crime%252Cmoat_unsafe%2526m_data%253D1%2526m_gv%253DnoHistData%2526m_mv%253DnoHistData%2526m_safety%253Dunsafe%2526permutive%253D20074%252C31279%252C32255%252C32335%252C61380%252Crts%26channel%3Dvastadp&correlator=1638079876

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 text1.png
s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/ Frame 6761 2 KB
2 KB 28ms
28ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/text1.png?1634319167679

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b48fb69c3383ba2586f01cd0df8fb575b0775378ad064b964722eab0ca4822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:59:13 GMT
x-content-type-options: nosniff
age: 22323
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2400
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 14:01:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 23:59:13 GMT

GET
H3 200 text2.png
s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/ Frame 6761 2 KB
2 KB 31ms
25ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/text2.png?1634319167679

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4f2aa645566ac3bdee79046ea15db1ee6ad2a09740bf0762916aa51b001cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:59:14 GMT
x-content-type-options: nosniff
age: 22322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2394
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 14:01:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 23:59:14 GMT

GET
H2

200

um
sb.freeskreen.com/ Frame 078A
Redirect Chain

https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456
https://sb.freeskreen.com/um?mg=KWIUGPQX-N-7DFE

43 B
590 B

25ms
25ms

Image
image/gif

3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?mg=KWIUGPQX-N-7DFE
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: H2
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://sb.freeskreen.com/um?mg=KWIUGPQX-N-7DFE
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Expires: 0

GET
H3 200 bridge3.489.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E27B 580 KB
190 KB 20ms
19ms Document
text/html 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194780
date: Fri, 26 Nov 2021 03:34:23 GMT
expires: Sat, 26 Nov 2022 03:34:23 GMT
last-modified: Thu, 11 Nov 2021 23:22:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 182213
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame E260 44 KB
16 KB 46ms
46ms Script
text/javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 06:11:16 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame E260 107 B
122 B 66ms
36ms Script
application/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bnnbloomberg.ca

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 06:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 text3.png
s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/ Frame 6761 2 KB
2 KB 20ms
20ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/text3.png?1634319167679

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a33fdb8eedf83746c794797abf28f759599abeaa2572d5d80b2a54a130c39aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:59:14 GMT
x-content-type-options: nosniff
age: 22322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2139
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 14:01:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 23:59:14 GMT

GET
H3 200 bridge3.489.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2AEF 580 KB
190 KB 20ms
19ms Document
text/html 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194780
date: Fri, 26 Nov 2021 03:34:23 GMT
expires: Sat, 26 Nov 2022 03:34:23 GMT
last-modified: Thu, 11 Nov 2021 23:22:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 182213
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame AB4D 44 KB
16 KB 36ms
36ms Script
text/javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 06:11:16 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame AB4D 107 B
122 B 40ms
39ms Script
application/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bnnbloomberg.ca

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 06:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 moatvideo.js Show response
z.moatads.com/slimcutmediavideo73182107408/ Frame 6DE8 314 KB
105 KB 21ms
20ms Script
application/x-javascript 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/slimcutmediavideo73182107408/moatvideo.js
Requested by: Host: static.freeskreen.com
URL: https://static.freeskreen.com/scm/player/20211014b/player-hb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7ab53eb236dc33fcb2791094aa4cbc71d0c908bc1938df16baeb43b152c48b09

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:16 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:47:47 GMT
server: AmazonS3
x-amz-request-id: P9CVNQA8RP2HJR27
etag: "09163ea4df9cf3d91a93fa19f3884453"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=18665
accept-ranges: bytes
content-length: 107470
x-amz-id-2: QGR4TG9t7QY20SOC8Sa0upce72mfeEvGxIswciyAfqzubE4knGIZt1wpFstgLTK1r1XT9mdf+H8=

GET
H2 200 t.gif
sb.freeskreen.com/ Frame 6DE8 43 B
257 B 29ms
27ms Image
image/gif 3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/t.gif?tm=1638079876&p=2315&c=5456&s=undefined&d=758550&v=9316&t=8f491c80-3dbe-4b27-b67f-051e766d3e71&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1638079875252&gdpr=0&gdpr_consent=&e=VastRequest&m=1&x=https%3A%2F%2Fpc083-12m5d.ads.tremorhub.com%2Fad%2Ftag%3FadCode%3Dpc083-fbfyf%26playerWidth%3D620%26playerHeight%3D348%26playerPosition%3D3%26srcPageUrl%3Dhttps%253A%252F%252Fwww.bnnbloomberg.ca%252Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%26gdpr%3D0%26gdpr_consent%3D%26custom%3D5456%26c2%3Den-ca%26floor%3DUSD%3A0.8%26us_privacy%3D%26fmt%3Djson
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

GET
H2 200 t.gif
sb.freeskreen.com/ Frame 6DE8 43 B
257 B 29ms
25ms Image
image/gif 3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/t.gif?tm=1638079876&p=2315&c=5456&s=undefined&d=1524679&v=11524&t=8f491c80-3dbe-4b27-b67f-051e766d3e71&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1638079875252&gdpr=0&gdpr_consent=&e=LoaderStartHB&m=1&x=%3B%3Bvpaidloader%3B1638079876342
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2B0D 37 KB
13 KB 25ms
23ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 05:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 28 Nov 2021 06:34:24 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 21ms
19ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=ctv.bnn&zMoatAdUnit2=Technology&zMoatAdUnit3=Article&wf=1&ra=4&pxm=2&sgs=3&vb=4&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=BELLMEDIA_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-GKKOVythgEwLgg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&pcode=bellmediaprebidheader755367530455&rx=529378786612&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&rm=1&fy=970&gp=408&zGSRC=1&gu=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&id=1&ii=4&f=0&j=&t=1638079873582&de=820719166330&cu=1638079873582&m=2805&ar=7e5b6a28623-clean&iw=ed14c44&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=408&lb=2963&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A544%3A544%3A0%3A865&as=1&ag=1153&an=42&gi=1&gf=1153&gg=42&ix=1153&ic=1153&ez=1&ck=1153&kw=954&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1153&bx=42&ci=1153&jz=954&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=954&cd=84&ah=954&am=84&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5083046367%3A2926482945%3A5817447030%3A138369465331&cm=1&bo=ctv.bnn&bd=Article&gw=bellmediaprebidheader755367530455&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195763&na=1428560385&cs=0
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 28 Nov 2021 06:11:16 GMT

GET
H2 200 709414.gif
id.rlcdn.com/ Frame 078A 42 B
285 B 55ms
43ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 06:11:16 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 078A
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d440bdea-0c87-4fb7-a917-41c84fc16384&gdpr=0&gdpr_consent=&expires=30

42 B
679 B

320ms
78ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d440bdea-0c87-4fb7-a917-41c84fc16384&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d440bdea-0c87-4fb7-a917-41c84fc16384&gdpr=0&gdpr_consent=&expires=30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 289

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 078A
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWIUGPTM-1S-CB57&sigv=1&esig=2~4e7457a4a45aaa37851df0d58428111fd13d9949

0
445 B

92ms
29ms

Image
text/plain

2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWIUGPTM-1S-CB57&sigv=1&esig=2~4e7457a4a45aaa37851df0d58428111fd13d9949

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

Protocol

Server

2001:4998:14:800::1000 Ashburn, United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:16 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWIUGPTM-1S-CB57&sigv=1&esig=2~4e7457a4a45aaa37851df0d58428111fd13d9949
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 078A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=b88761a3-1d84-4300-ae38-7f32f5d77470

42 B
679 B

262ms
78ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=b88761a3-1d84-4300-ae38-7f32f5d77470
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: dbbc2dbf689859fb5870b364473d5441
Content-Type: image/gif

Redirect headers

Date: Sun, 28 Nov 2021 06:11:16 GMT
Server: MT3 4133 baa842e master iad-pixel-x25 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=b88761a3-1d84-4300-ae38-7f32f5d77470
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 28 Nov 2021 06:11:15 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 078A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YaMdgQAAALyuUQPl

42 B
679 B

312ms
79ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YaMdgQAAALyuUQPl
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1638079876.398195,VS0,VE0
x-served-by: cache-yul12822-YUL
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YaMdgQAAALyuUQPl
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 078A
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTA4MjMwYzcyYmRjMWRlMTQ4ZGU5MmVjOWRmN2UxMDMwZTI4MDM4OA

170 B
188 B

37ms
36ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTA4MjMwYzcyYmRjMWRlMTQ4ZGU5MmVjOWRmN2UxMDMwZTI4MDM4OA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTA4MjMwYzcyYmRjMWRlMTQ4ZGU5MmVjOWRmN2UxMDMwZTI4MDM4OA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 750589468d5634b7e99830971becaf64
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 078A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKtWD3Lo82pBhal5H30fdqI&google_cver=1

42 B
679 B

316ms
83ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKtWD3Lo82pBhal5H30fdqI&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: b2a5c63b17f16a8024ffc6259157eaa8
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKtWD3Lo82pBhal5H30fdqI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 078A
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/2zb80fKV5lktB1-tvxZEwcn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=92018912013979132

42 B
679 B

108ms
78ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=92018912013979132
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: dbbc2dbf689859fb5870b364473d5441
Content-Type: image/gif

Redirect headers

date: Sun, 28 Nov 2021 06:11:16 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=92018912013979132
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame FD7F
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=smartadserver
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=KWIUGPTM-1S-CB57

43 B
406 B

167ms
55ms

Image
image/gif

199.187.193.185
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=KWIUGPTM-1S-CB57
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Protocol: HTTP/1.1
Server: 199.187.193.185 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=KWIUGPTM-1S-CB57
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4f2e9ddc15e6cc2c3861f8e2683d2514
Expires: 0

GET
H3 200 text4.png
s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/ Frame 6761 3 KB
3 KB 19ms
19ms Image
image/png 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/images/text4.png?1634319167679

Requested by

Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a204b9783bef7cd52e45f097ccc71661a35f3075b377ab28fd0052505b88f52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/dfp/309079/5083046367/1635343297625/EN_300x250_iAClaringtonSRI/EN_300x250_iAClaringtonSRI/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:59:14 GMT
x-content-type-options: nosniff
age: 22322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3177
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 14:01:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 23:59:14 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame AFB0 37 KB
13 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 05:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 28 Nov 2021 06:34:24 GMT

GET
H3 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame F127 16 KB
5 KB 117ms
76ms XHR
text/xml 142.251.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BbXJUe3iipJvkSF9qDWgQc98U0AxwCCmEnm3O-OUGMATRvH_p6xoYm2MrjNGDrwTye3MhHw4WbRNPtmhtmXRKy21f6yg&dbm_d=AKAmf-B4R45plYYCS8BLwRPenk5IpTQIjDlKg7s2HXR0pu97vxRahN8Gi5AJnY0aFEnB4ZRUrn0SGXog6Wj0dXT5T7fI2lyK59ilGGp_zPjDKgqZY5Oqnxn1QWW4SNq1gI0jZx3Zj_EYvqE6a6Mp2oRDhnCO7JWR8LE6GyR0HiiPyp-nPhuCCWrQmnO2-s1lzFCp-RZblGhOON3ptDNJtD2rjEg_j7Hmw-d_LAmTA_02kIkNbBxK8_gVr7i01m9XOe1OP1Dr-a2vdQKc7-qn1PdIWQ6pwnv1eH5RPEfWCocrm36-YaBPbasnbF2O1cihWTAfMXe0tTRdxuMAxG0XjcgIWQIa9Rp-OqypafUhD4v04qtul05iYo2VSzRG_ZT4G7xnUqxvPuwYbAZ_xc5EcId64QgCQ9kpvQJMwaz5yo9ysnALWJoK0KVhkYzO2dSc82AHTjCwQVN5M0_w6ZcroNIWN1Ue7-J3hG4PFM9jnlWC8Pbwc4qtLEv2fEdCp3nKOtH4noodMAqLr3qIPq2pNbnLRB7e1tMvcKyzKKI6RCC7neXRt53l_xofxN4D9zBLimQoxWYjFR-Z-cl_i7J-Bz8xV_Ii02aU5njJNqswkWRV98L_ylM1R53z7cdGroKTmGjA62a9xHagSx05qPRrl4ZoGXqJZSlvDz5vxYElW4rGUGdc7sHUScco9CtEKQGnW3-LdPL9IRAhu69Zec1STFpyxlAdUClZFv0cMW-_mY6mPIioGQXNvWNQ2gBuVsB1l36hFcC6EedPAvAo7NPwNkzytzEDD3DtgHRimji3dFZmEVvk3ZP_YJ1wAcUcaBNmOcQKry8Tp_GGRUJkvTdZj2QRl-aDIeFuwvsPTWK-l67-gf1OB01TPomF1VqQyPo4oMwatDVdsdTGHWPM-oYBhbb8afSrHa0NdK3mqtdV9HUDErYxar_E0YlgCFFQDAEZpKppwZO9YQc-316WqkKvLPU64Br6XOoLdFvMI3t_1a7QhMtBz14ESn615-Iy1O7y9BlHf9AO2aFeV9pP4PPdPvhjcQ6xwytgAoWdojR_3dyf0xToBLiNh10jgAfAcfX0B8UKoyFpLQCUkS5cvgde-oY5I3C0aOE1_yPXnhIFeQY8YyeDXPQ2movZ-QT-MF6No7kvo8pbxW7i1PtyEhiZciMu2Y-sFjZ_Z6NR0gsigcTmUaGAwD1CDT3I6ACmOJzbqtoUFDwkMLMGK19NjMcOhsDYmAnSTsKhGAfMsWbfnba_kqbIAb9HUtpu2DC759OvZBkmogYtwgMgfI4wzMdNAU_0ygKeyyZGgG4GzwUKh6PwxmQ1W48ZyuQJbIpG_CMZDsbbtYapq25rrDO1DpvIOQHODrAIuQyEP5n-liCrr8X0P5OC2I_DGNLVUseEG9ntsX2ISH_mGeSFmeUBpRbyykKi624QqcLqhGyusHtWr_p__a4QVMtAfNzlDtNfMmSC9Y-DNOGFLTVmCJmvS0er-cJl349yXiNtpBFuZG7icUBOdYblhgiz6p_csBEPZfoujAj26mH5uhtlMczAT6f11OoIE8oj7cLAJKc9hlIsyJRoInEqkyedUvunJYjEM6uc8N2sXH5_VlrsFMxVzGnEE8i11K41wcFrcOCP1InwVdf37OWOCSJJItbPF_kySUkC49ot8pRHEitCzGjvxvoQ34Vqm5Tz1geCpG4FXJKnxCs_oKT6pd47Z6WWvdTKvx8_t192za-vtY7RTRa2acX4E_dhcw-CaUzMloRVbAgnvCa1nttwh4w1hg5OlhHVR2mW2DEceoZgvW5POqwoy0226IMuy5fi_nsSmlAwyd7ivwxQzpd4vXHfjH8WQMFU8qycIdqb60S-HtEsYW5F4sVAAMwPD0LPP4pjgciB2OC7YCQScD-3L6Gmn1u9mdNr9R_5Ogcw5rgkOa5wn_Igkh4J-XmlByJ2Uh4XmeZPE9VVYIaYNG2f6z9qldxJ7_iURKnG0Y7aCPXgEMgkgjSmUl_sGq9Q-5s0eRjvyj8UI68vANt1EW--3HHkondn1SiO-XofgMucK8C-iuj_ZqFmXf1pFK7dVD-XU_drs7P1ST87vaYs6dDsyASnfyoTc_nbJpiaFsxvYM9zxDLlERB8oOe1hCHHn6JtA8DWhQLvy9lAl4H8w_jeMlOF0w2N_MlQGUaybBGWAqSStn4ij3pocHwnZJGCmue1lF2V2gYdNaRDDxOaBEGqKWSw8Yy1ZbxCjuCepFirKCTgw2N-5Swc37kmi1DDLyAxJ8v9-COx2X0QaYCLgWN9wMIRKqb6wgS2MW1sYLgQZ0aIMMO6KB0qpiAU16OUN5m8zK7bwSsUTDgn0pdmd9PADYdGuzHwh6JChcpAxX8X6ey7FjFNdOg1vEOjpH9cyrlP7L7v0NTdjjE_Mao5t_h2aZBH9BfmSFwDK-VApH6LYRfnFIBVkyainf2UHW9MPx4DJU0fsKTe9TGdp-7IKJBdYG_B2XmvazDq5Rd9LczPOD5vXjh5QDo5OILgyxUJFVWeumqYklX0u6uIYLzLR-2ai2fiYCnZkw30rJoVkNlV332Yur8N7piJ09EgZrRXA2_LjOnbViypxxBWSRSirnF0AQubGvccka6kRontyXu4O324w5R0fzjljt0l2Q23OJz3z7AnXfC1m13G_r1rsnEpyzUIT6cNYR9_3k7IcDvURH8_C_6hFanQ9N2pgUVrCOrHYKS5mBvfQANu4Kxyrh1LLtmFB159IAcvHOQZ9MwUiQfvzM5KBSh9FzYKhl59Ji87FFVwT1nmzQfQRKp9NuBIWUlGEYZ_p2I5lIHbnk1urtA0F_izFMWXoKsEn7yJIO5KOGIOMyiz5oSFMatZb18BUBiaRz6IlninTIV3NqATc5CukyuhLyFVb3ouSRxyKW2pL63VhR8aCJDKieImU7eFlngD9DnU9H2hdKvNmFXPzVfZ1rRfmDnHFbHYRGXuM_qHrZ7hcEHv3C0SWp0tFkbnJRCL-sETf8vgkLW87bussTMBtEwW8BWdxReiqt8nLYbPu2A7kFS-7rUbqEXlgI5Q0z8c3UoBNDHhsZZ40mppiiD_s8Z2_uriEypoPct8ZWYdvjTvRlgrbugNH9B-qnPXjuoSHE8VlEZL90MgABSVTFu3QmHSHa_qF7lonhWvEa1hDZXLKIB1l-Ngrx7WOCwm_0GmHnI&cid=CAASEuRoz5Fi9FrRwwhdNVK7mTwfpw&pr=39:AAAAAAAAAAAAAAAAAAAAAOsnHIIpawk_WEdSZw

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gm-in-f156.1e100.net

Software

cafe /

Resource Hash

c1dccae4b5fccd354ba48f106395360b830827f979b278835f0914a35335cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5142
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://www.bnnbloomberg.ca
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t.gif
sb.freeskreen.com/ Frame F127 43 B
257 B 26ms
25ms Image
image/gif 3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/t.gif?tm=1638079876&p=2315&c=2671&s=undefined&d=1596387&v=30251&t=d996cb76-99cc-477d-abdf-adc5298b97e4&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1638079875435&gdpr=0&gdpr_consent=&e=VastRequest&m=1&x=https%3A%2F%2Fbid.g.doubleclick.net%2Fxbbe%2Fbid%2Fxpub%3Fdeal_id%3D13080903_697415%26max_duration%3D15%26ord%3D1638079876%26dc_sdk_apis%3D%5BAPIFRAMEWORKS%5D%26dc_omid_p%3D%5BOMIDPARTNER%5D%26dc_vast%3D3%26dc_rdid%3D
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=ctv.bnn&zMoatAdUnit2=Technology&zMoatAdUnit3=Article&wf=1&ra=4&pxm=2&sgs=3&vb=4&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=BELLMEDIA_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-GKKOVythgEwLgg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&pcode=bellmediaprebidheader755367530455&rx=529378786612&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&rm=1&fy=970&gp=408&zGSRC=1&gu=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&id=1&ii=4&f=0&j=&t=1638079873582&de=820719166330&cu=1638079873582&m=2805&ar=7e5b6a28623-clean&iw=ed14c44&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=408&lb=2963&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A544%3A544%3A0%3A865&as=1&ag=1153&an=1153&gi=1&gf=1153&gg=1153&ix=1153&ic=1153&ez=1&ck=1153&kw=954&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1153&bx=1153&ci=1153&jz=954&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=954&cd=954&ah=954&am=954&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5083046367%3A2926482945%3A5817447030%3A138369465331&cm=1&bo=ctv.bnn&bd=Article&gw=bellmediaprebidheader755367530455&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195763&na=676510151&cs=0
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 28 Nov 2021 06:11:16 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
19ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=ctv.bnn&zMoatAdUnit2=Technology&zMoatAdUnit3=Article&wf=1&ra=4&pxm=2&sgs=3&vb=4&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=BELLMEDIA_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-GKKOVythgEwLgg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&pcode=bellmediaprebidheader755367530455&rx=529378786612&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&rm=1&fy=970&gp=408&zGSRC=1&gu=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&id=1&ii=4&f=0&j=&t=1638079873582&de=820719166330&cu=1638079873582&m=2806&ar=7e5b6a28623-clean&iw=ed14c44&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=408&lb=2963&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A544%3A544%3A0%3A865&as=1&ag=1153&an=1153&gi=1&gf=1153&gg=1153&ix=1153&ic=1153&ez=1&ck=1153&kw=954&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1153&bx=1153&ci=1153&jz=954&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=954&cd=954&ah=954&am=954&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5083046367%3A2926482945%3A5817447030%3A138369465331&cm=1&bo=ctv.bnn&bd=Article&gw=bellmediaprebidheader755367530455&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195763&na=575855579&cs=0
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 28 Nov 2021 06:11:16 GMT

GET
H2 200 moatvideo.js Show response
z.moatads.com/slimcutmediavideo73182107408/ Frame F127 314 KB
105 KB 25ms
25ms Script
application/x-javascript 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/slimcutmediavideo73182107408/moatvideo.js
Requested by: Host: static.freeskreen.com
URL: https://static.freeskreen.com/scm/player/20211014b/player-hb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7ab53eb236dc33fcb2791094aa4cbc71d0c908bc1938df16baeb43b152c48b09

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:16 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:47:50 GMT
server: AmazonS3
x-amz-request-id: YKR8C3GZXRBXWTWY
etag: "09163ea4df9cf3d91a93fa19f3884453"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=30339
accept-ranges: bytes
content-length: 107470
x-amz-id-2: LjGhpBn1gHWHxWC0190eagg5CAY13Nj0b6EewBzAmTWN9JVHrvuors7p/sOHhMTsqVul0hc1gDc=

GET
H2 200 t.gif
sb.freeskreen.com/ Frame F127 43 B
257 B 34ms
34ms Image
image/gif 3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/t.gif?tm=1638079876&p=2315&c=2671&s=undefined&d=1553287&v=29164&t=d996cb76-99cc-477d-abdf-adc5298b97e4&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1638079875435&gdpr=0&gdpr_consent=&e=LoaderStartHB&m=1&x=%3B%3Bvpaidloader%3B1638079876568
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 22ms
19ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=SLIMCUTMEDIAVIDEOJS1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=4&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1638079876465&de=105880732917&m=0&ar=553ffc12ef5-clean&iw=4e951a6&q=7&cb=0&ym=0&cu=1638079876465&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=SCM%3A5301%3A1524679%3A11524&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&id=1&ii=4&bo=2315&bd=5456&zMoatOrigSlicer1=2315&zMoatOrigSlicer2=5456&gw=slimcutmediavideo73182107408&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A544%3A544%3A0%3A865&fs=195402&na=1916661644&cs=0
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 28 Nov 2021 06:11:16 GMT

POST
H2 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
180 B 102ms
101ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=b1a4360a-3db9-4b39-b09d-c3e14666840a
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: fc9dadc2711fcba02331e87c983287b6e35c5a0785d4c0c35a6e210ec42eed81

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 28 Nov 2021 06:11:16 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.bnnbloomberg.ca
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 112
via: 1.1 google

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
19ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=SLIMCUTMEDIAVIDEOJS1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=4&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1638079876767&de=291581174354&m=0&ar=553ffc12ef5-clean&iw=4e951a6&q=10&cb=0&ym=0&cu=1638079876767&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=SCM%3A19389%3A1553287%3A29164&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&id=1&ii=4&bo=2315&bd=2671&zMoatOrigSlicer1=2315&zMoatOrigSlicer2=2671&gw=slimcutmediavideo73182107408&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A544%3A544%3A0%3A865&fs=195402&na=500466634&cs=0
Requested by: Host: www.bnnbloomberg.ca
URL: https://www.bnnbloomberg.ca/when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 28 Nov 2021 06:11:16 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B712 42 B
64 B 41ms
40ms Fetch
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttb4NnDC9PApteMQ6Rc_oi8bQ-124PhcegBUAqNdjkdKwKYogwdqStbOTpaTrOv1yiH27jv4k1pq1PfJ83GRlCrXY8gyiB2eVIUT5TGKTRUzIrddve&sig=Cg0ArKJSzPyajumVDbE2EAE&id=lidar2&mcvt=1070&p=408,970,658,1270&mtos=1070,1070,1070,1070,1070&tos=1070,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=1960385940&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638079874745&rpt=1018&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E27B 156 B
523 B 73ms
72ms XHR
text/xml 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=1x1&iu=%2F5479%2Fslimcut.bnn&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&description_url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&correlator=1638079875&cust_params=amznbid%3D2%26amznp%3D2%26m_categories%3Dgv_crime%2Cmoat_unsafe%26m_data%3D1%26m_gv%3DnoHistData%26m_mv%3DnoHistData%26m_safety%3Dunsafe%26permutive%3D20074%2C31279%2C32255%2C32335%2C61380%2Crts&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.489.0%2Fvpaid_adapter&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=463660736&sdk_apis=2%2C8&sid=8B704D04-3D6F-4183-93BE-39C441F29929&nel=1&eid=44750821&dt=1638079876847&cookie=ID%3D43fd66562d146b6f%3AT%3D1638079874%3AS%3DALNI_MZkI0irFb7FZsVLlTH2O9uVa2p_Kg&scor=2437339760976668&ged=ve4_td1_tt1_pd1_la1000_er1368.339.1368.339_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2AEF 156 B
185 B 67ms
67ms XHR
text/xml 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=1x1&iu=%2F5479%2Fslimcut.bnn&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&description_url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&correlator=1638079876&cust_params=amznbid%3D2%26amznp%3D2%26m_categories%3Dgv_crime%2Cmoat_unsafe%26m_data%3D1%26m_gv%3DnoHistData%26m_mv%3DnoHistData%26m_safety%3Dunsafe%26permutive%3D20074%2C31279%2C32255%2C32335%2C61380%2Crts&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.489.0%2Fvpaid_adapter&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=955260842&sdk_apis=2%2C8&sid=FC0D0ABD-9842-40E3-BFAA-9A1BF6EBB16F&nel=1&eid=44737475&top=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&loc=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&dt=1638079876855&cookie=ID%3D43fd66562d146b6f%3AT%3D1638079874%3AS%3DALNI_MZkI0irFb7FZsVLlTH2O9uVa2p_Kg&scor=2838911287076903&ged=ve4_td1_tt1_pd1_la1000_er2299.330.2299.330_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0C6F 11 KB
5 KB 282ms
94ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bnnbloomberg.ca

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 3094
date: Sun, 28 Nov 2021 06:11:16 GMT
content-length: 4683

GET
H2 200 optout_check Show response
beacon.krxd.net/ 82 B
241 B 25ms
24ms Script
text/javascript 34.226.34.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.bellmedia.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.34.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-34-89.compute-1.amazonaws.com
Software: /
Resource Hash: 1012c0f926c8887b6fc3d5086b268d387883d21e38541bf26426d8b15c388457

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:16 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=31 t=1638079876
x-served-by: beacon-n028-ash-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 364 B
508 B 30ms
30ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=ca46aa22-e6b4-464e-9077-7215dc98bc0a&technographics=1&callback=Krux.ns.bellmedia.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2d4cee82f2c96412177da59763b363c54b51734597d1c877b6265a23def9b9b0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Sun, 28 Nov 2021 06:11:16 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a021-ash-prod.krxd.net, cache-yul12828-YUL
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1638079877.963767,VS0,VE19
content-length: 280
x-cache-hits: 0, 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 43ms
42ms XHR
application/json 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bb26115caa7cfaba5dadd387eb6da4a72626801ef3e9ce3c048d2d67ac8765f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Nov 2021 06:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9175
x-xss-protection: 0

GET
H2 200 t.gif
sb.freeskreen.com/ Frame F127 43 B
257 B 26ms
25ms Image
image/gif 3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/t.gif?tm=1638079876&p=2315&c=2671&s=undefined&d=90361&v=11524&t=d996cb76-99cc-477d-abdf-adc5298b97e4&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1638079875435&gdpr=0&gdpr_consent=&e=optout&m=1&x=%3B%3Bvpaidloader%3B%22AdError%201009%20(The%20VAST%20response%20document%20is%20empty.)%3A%20AdError%201009%3A%20The%20VAST%20response%20document%20is%20empty.%5CnError%5Cnat%20new%20SC%20(https%3A%2F%2Fimasdk.googleapis.com%2Fjs%2Fsdkloader%2Fima3.js%3A567%3A329)%5Cnat%20GH.M%20(ima3.js%3A662%3A276)%5Cnat%20Ij%20(ima3.js%3A125%3A200)%5Cnat%20XA.k.dispatchEvent%20(ima3.js%3A123%3A365)%5Cnat%20XA.D%20(ima3.js%3A512%3A170)%5Cnat%20Ej%20(ima3.js%3A122%3A150)%5Cnat%20b%20(ima3.js%3A120%3A292)%22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:17 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

GET
H2 200 t.gif
sb.freeskreen.com/ Frame 6DE8 43 B
257 B 26ms
25ms Image
image/gif 3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/t.gif?tm=1638079876&p=2315&c=5456&s=undefined&d=1524679&v=11524&t=8f491c80-3dbe-4b27-b67f-051e766d3e71&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1638079875252&gdpr=0&gdpr_consent=&e=optout&m=1&x=%3B%3Bvpaidloader%3B%22AdError%201009%20(The%20VAST%20response%20document%20is%20empty.)%3A%20AdError%201009%3A%20The%20VAST%20response%20document%20is%20empty.%5CnError%5Cnat%20new%20SC%20(https%3A%2F%2Fimasdk.googleapis.com%2Fjs%2Fsdkloader%2Fima3.js%3A567%3A329)%5Cnat%20GH.M%20(ima3.js%3A662%3A276)%5Cnat%20Ij%20(ima3.js%3A125%3A200)%5Cnat%20XA.k.dispatchEvent%20(ima3.js%3A123%3A365)%5Cnat%20XA.D%20(ima3.js%3A512%3A170)%5Cnat%20Ej%20(ima3.js%3A122%3A150)%5Cnat%20b%20(ima3.js%3A120%3A292)%22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:17 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

GET
H2 200 tag.js Show response
js.agkn.com/prod/v0/ 3 KB
3 KB 99ms
19ms Script
application/javascript 2600:9000:210b:7600:15:efbc:e300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.agkn.com/prod/v0/tag.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:7600:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 20:03:52 GMT
via: 1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
last-modified: Tue, 22 Oct 2019 20:22:52 GMT
server: AmazonS3
age: 36446
etag: "f53f55cbab099be3a970b446a66c496a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-length: 3167
x-amz-cf-id: 6DLlCpiMX15WZ62cZ79sFuqoOs1IDP3XefoI0FW5ZknDnJY8XWzCIw==

GET
H2 200 g.js
aa.agkn.com/adscores/ 43 B
654 B 101ms
100ms Image
image/gif 13.225.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=2111c0af-fc3a-446f-ab07-63aa74fbde8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-117.ewr50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:17 GMT
via: 1.1 158c603777b70da7a395beb589ad17db.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: -onCKJ7g2pPW6H5gxhm6MnLc2I-YoJbosUkMj2o7tNCR3pb797ZYSQ==
expires: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 42ms
41ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 28 Nov 2021 06:11:17 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 831E 12 KB
5 KB 20ms
19ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 26 Nov 2021 08:03:22 GMT
expires: Sat, 26 Nov 2022 08:03:22 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 166075
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B9E9 783 B
536 B 69ms
41ms Document
text/html 2607:f8b0:4006:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

28b69d5c3e8a0cb0c78aa4f47c7906ed1bc3d5d4494730291d0bd64621ea9600

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WfQ1zgHpLdHHABl9Bd4qpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 28 Nov 2021 06:11:17 GMT
date: Sun, 28 Nov 2021 06:11:17 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-WfQ1zgHpLdHHABl9Bd4qpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 t.gif
sb.freeskreen.com/ Frame F127 43 B
257 B 25ms
25ms Image
image/gif 3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/t.gif?tm=1638079877&p=2315&c=2671&s=undefined&d=1553287&v=29164&t=d996cb76-99cc-477d-abdf-adc5298b97e4&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1638079875435&gdpr=0&gdpr_consent=&e=LoaderStartHB&m=1&x=%3B%3Bvpaidloader%3B1638079877088
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:17 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

GET
H2 200 t.gif
sb.freeskreen.com/ Frame 6DE8 43 B
257 B 27ms
27ms Image
image/gif 3.230.85.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/t.gif?tm=1638079877&p=2315&c=5456&s=undefined&d=1580479&v=29557&t=8f491c80-3dbe-4b27-b67f-051e766d3e71&co=CA&pr=QC&ci=Montreal&dm=GM&flc=&slc=&ttm=1638079875252&gdpr=0&gdpr_consent=&e=LoaderStartHB&m=1&x=%3B%3Bvpaidloader%3B1638079877102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-85-182.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:17 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
expires: -1

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 831E 35 KB
13 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 03:34:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 182233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 03:34:04 GMT

GET
H2 200 / Show response
d.agkn.com/iframe/8613/ Frame B77F 481 B
1 KB 94ms
27ms Document
text/html 2600:9000:21da:200:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.agkn.com/iframe/8613/?che=859014474&gdpr=&gdpr_consent=&ref=&bpid=bellmedia&c=%7B%22bpid%22%3A%22bellmedia%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Requested by: Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:200:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 33028b306202787af41768dacb7fbc2b20a84f3a1f026cc0893d177af270fccd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/

Response headers

content-type: text/html;charset=UTF-8
content-length: 481
cache-control: no-cache, must-revalidate
date: Sun, 28 Nov 2021 06:11:16 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pragma: no-cache
server: Apache-Coyote/1.1
x-cache: Miss from cloudfront
via: 1.1 fd6ee8ff46440f33e22da71450793e71.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C1
x-amz-cf-id: IF8l5cvFbm477AnBufJ8VVVQ84vtMJOPxJ7HGTItdMrvC-mvIkmUOw==

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
337 B 23ms
23ms Image
text/plain 34.226.34.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=InSaVlLc&_kpid=ca46aa22-e6b4-464e-9077-7215dc98bc0a&_kcp_s=BNN&_kcp_d=www.bnnbloomberg.ca&_knifr=19&_kua_kx_tz=0&geo_country=ca&geo_region=qc&geo_dma=124462&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=ca&_kua_kx_geo_region=qc&_kua_kx_geo_dma=124462&_kua_kx_whistle=0&_kpa_host=www&_kpa_domain=bnnbloomberg.ca&_kpa_url_path_1=when-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&t_navigation_type=0&t_dns=31&t_tcp=48&t_http_request=-1&t_http_response=25&t_content_ready=865&t_window_load=4353&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=wwi9qix51&_kurl_=http%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&userdata_user=Ogh0bKbn%2Cwwi9qix51&sview=1&kplt1=22697&kplt2=22698&kplt3=22699&kplt4=22701&kplt5=22703&kplt6=31542&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2Fca46aa22-e6b4-464e-9077-7215dc98bc0a%2C108%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C99%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C54
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.34.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-34-89.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 06:11:17 GMT
cache-control: private, no-cache, no-store
x-request-time: D=41 t=1638079877
x-served-by: beacon-n026-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B9E9 0
0 43ms
43ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=3625716922125277&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0C6F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=bnnbloomberg.ca&sn=ChromeSyncframe&so=0&topUrl=www.bnnbloomberg.ca&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=sy2EhXxzYjNuejl6eDJBbEo4WWw2MG9EQkc4SUJxdS9mNERRazNidUVFMEpScU9PWVlXUUludHRlTjg2QU1pWklwWGl5U3JBQVh2MzlRUG5uZHJtNk40L1ZBc0R4ZFRKeVJiNjFsNmZVMnFpWE9UWVVpdDZLRTY4Qm5abk...

428 B
621 B

76ms
26ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=sy2EhXxzYjNuejl6eDJBbEo4WWw2MG9EQkc4SUJxdS9mNERRazNidUVFMEpScU9PWVlXUUludHRlTjg2QU1pWklwWGl5U3JBQVh2MzlRUG5uZHJtNk40L1ZBc0R4ZFRKeVJiNjFsNmZVMnFpWE9UWVVpdDZLRTY4Qm5abkRsOXBLSmJxM2NYWDVFUk9LblNvYk9uT3FCcWVraVhjZkVyYWRqdVlNSmpwUTA5VjZVRjkwZ09lUXZoOG5JQWVHa1V3VXp1QnRzZkE3UTB4eHRzbnEyc3BYVXAzNUJyZy9LNm1WMUovN3F3Y1AyTHczSXhZdmpNV2xRNFdsMitBWGtyVkRMUFhYeStwWVRyVGI2d1VhM3RhbCt1MGYxZz09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

4c244190f7e126fc79d359ae4fe47b08213a130728ba804cd8ebcd56ea73f5c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 28 Nov 2021 06:11:16 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4799
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 28 Nov 2021 06:11:17 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=sy2EhXxzYjNuejl6eDJBbEo4WWw2MG9EQkc4SUJxdS9mNERRazNidUVFMEpScU9PWVlXUUludHRlTjg2QU1pWklwWGl5U3JBQVh2MzlRUG5uZHJtNk40L1ZBc0R4ZFRKeVJiNjFsNmZVMnFpWE9UWVVpdDZLRTY4Qm5abkRsOXBLSmJxM2NYWDVFUk9LblNvYk9uT3FCcWVraVhjZkVyYWRqdVlNSmpwUTA5VjZVRjkwZ09lUXZoOG5JQWVHa1V3VXp1QnRzZkE3UTB4eHRzbnEyc3BYVXAzNUJyZy9LNm1WMUovN3F3Y1AyTHczSXhZdmpNV2xRNFdsMitBWGtyVkRMUFhYeStwWVRyVGI2d1VhM3RhbCt1MGYxZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1611
content-length: 541
expires: 0

GET
H2

200

g.pixel
aa.agkn.com/adscores/ Frame B77F
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212293468&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adadvisor&ttd_tpi=1&gdpr=&gdpr_consent=
https://aa.agkn.com/adscores/g.pixel?sid=9312270958&tdid=d440bdea-0c87-4fb7-a917-41c84fc16384

43 B
679 B

101ms
101ms

Image
image/gif

13.225.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9312270958&tdid=d440bdea-0c87-4fb7-a917-41c84fc16384
Requested by: Host: d.agkn.com
URL: https://d.agkn.com/iframe/8613/?che=859014474&gdpr=&gdpr_consent=&ref=&bpid=bellmedia&c=%7B%22bpid%22%3A%22bellmedia%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Protocol: H2
Server: 13.225.214.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-117.ewr50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d.agkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:17 GMT
via: 1.1 158c603777b70da7a395beb589ad17db.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: K8uWquPzHHxrbzd6pet4JTCa7QMAN7TjcGeZ2mF5w-sVWJEHDf3m3g==
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:17 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://aa.agkn.com/adscores/g.pixel?sid=9312270958&tdid=d440bdea-0c87-4fb7-a917-41c84fc16384
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 217

GET
H/1.1

200
OK

/
pixel.mathtag.com/sync/img/ Frame B77F
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212293438
https://pixel.mathtag.com/sync/img?redir=https://aa.agkn.com/adscores/g.pixel%3Fsid%3D9312292258%26mt%3D%5BMM_UUID%5D
https://aa.agkn.com/adscores/g.pixel?sid=9312292258&mt=b88761a3-1d84-4300-ae38-7f32f5d77470
https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=204810503984005218657

43 B
404 B

34ms
33ms

Image
image/gif

23.52.161.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=204810503984005218657
Requested by: Host: d.agkn.com
URL: https://d.agkn.com/iframe/8613/?che=859014474&gdpr=&gdpr_consent=&ref=&bpid=bellmedia&c=%7B%22bpid%22%3A%22bellmedia%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Protocol: HTTP/1.1
Server: 23.52.161.201 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-161-201.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master iad-pixel-x1 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d.agkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 06:11:17 GMT
Server: MT3 4133 baa842e master iad-pixel-x1 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 28 Nov 2021 06:11:16 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:17 GMT
via: 1.1 158c603777b70da7a395beb589ad17db.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
location: https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=204810503984005218657
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: HB5QPcLG2aO0OzxT4dK_zBowdJ9T-NARdTHQd0DMHjlN285ylpoHcQ==
expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=3625716922125277&bg=!AAOlA0fNAAZQLpa_UC47ACkAdvg8WiNvvV1_1Awy4StK8_fOiKuh9CiqB40xJ_bky85BPYdO3w0U5QIAAACbUgAAAApoAQcKACs4UKrYkop2ZtBMz0nhGFaZbur-JaH6929z-wdLEFaSrGQyKT6NBghkiV7ymQJ05eV08uLLEqVI573kSm9VAwPzxxCHfWGqD2HB4SC7ncxhP-Z9L4AgmdHdZDfnwWjhbcryQrdun0JucldSWQYMteJExGgJrZKaYLXajLZd5_w7pqTld_gmkBrVZLyqseUp2R0teSkYqchsIG69vwxPWLKk4vRHtNGfk3F-KtqYzUXzYngzZKbIGoOByLiS2BQTGNVQBYZMTBo3E62VyXsSjr1d9Eb7aO5W6o-hlqe0gY9Ckn7Oq72BfLWUiw_UQV9yIBZLMKumuNeAAmC9D5FF_uoAkATazSimdK_num_pTjF7Z107XTqeKPbedyqYYrxnnbGCQ6Z8iB7dNNYHFlJBlcBg0tBb_6fvLbM8VCsh2LGgbZRGjpq4wHWMqBpg40hscW17xkBzxz_mXq2RNrzRcg156BZJDsGtk3nFxQ6ozpnmQ3OfZIPDyEfemH63Aiwom1wfECNCZc33yLMKKOKpUOYiwznEGj5zjNjflcjCsBBoPeiKW9xSuXsH6_12pYsE8zLX0mA0BcGCIjRs0JL-eFnE6N5NCPUJpwafb5zkJOrjArpL57h8uCBo0kcjunNg4atFlKAz3aJmRkThGU49gVjNw_y8KhQjy94JO1ZCXRevVfzjcikVclIIzksj8vjzM2sFGNDw5C_QQWJu57Q4qc9xCkK6urEJksIn6_PfOvQAE59W3q_8-J9lFaLtyX6qvLq1ykUwTTcm1FZZ9hq8A5LXD0bOoDPYobRtq8_60_PSHrYuxa1kXlFKzJ8lERkRKl14U96Li4V7WagxhLWXXMrNGBDTD9FhVZ2bVk76hzkfL2dGVVCe3s4oGKE1C-R0iFw86w

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
178 B 101ms
100ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=b1a4360a-3db9-4b39-b09d-c3e14666840a
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/289d106c-df24-4cd9-a9fa-753e928c23ad-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 77c26c2067b332f94a21463a932fdc3beeedfdc69bc98af8d5afdc8ea9775dd2

Request headers

Referer: https://www.bnnbloomberg.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 28 Nov 2021 06:11:17 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.bnnbloomberg.ca
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 110
via: 1.1 google

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 21ms
21ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=ctv.bnn&zMoatAdUnit2=Technology&zMoatAdUnit3=Article&wf=1&ra=4&pxm=2&sgs=3&vb=4&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=BELLMEDIA_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-GKKOVythgEwLgg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&pcode=bellmediaprebidheader755367530455&rx=529378786612&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&rm=1&fy=970&gp=408&zGSRC=1&gu=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&id=1&ii=4&f=0&j=&t=1638079873582&de=820719166330&cu=1638079873582&m=6705&ar=7e5b6a28623-clean&iw=ed14c44&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=408&lb=2963&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A544%3A544%3A4433%3A865&as=1&ag=5053&an=1153&gi=1&gf=5053&gg=1153&ix=5053&ic=5053&ez=1&ck=1153&kw=954&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5053&bx=1153&ci=1153&jz=954&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4893&cd=954&ah=4893&am=954&xd=00&rf=0&re=1&ft=3794&fv=0&fw=3794&wb=2&cl=0&at=0&d=5083046367%3A2926482945%3A5817447030%3A138369465331&cm=1&bo=ctv.bnn&bd=Article&gw=bellmediaprebidheader755367530455&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195763&na=1751212545&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:20 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 28 Nov 2021 06:11:20 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=ctv.bnn&zMoatAdUnit2=Technology&zMoatAdUnit3=Article&wf=1&ra=4&pxm=2&sgs=3&vb=4&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=BELLMEDIA_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-GKKOVythgEwLgg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&pcode=bellmediaprebidheader755367530455&rx=529378786612&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=5&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&rm=1&fy=970&gp=408&zGSRC=1&gu=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&id=1&ii=4&f=0&j=&t=1638079873582&de=820719166330&cu=1638079873582&m=11733&ar=7e5b6a28623-clean&iw=ed14c44&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=408&lb=2963&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A544%3A544%3A4433%3A865&as=1&ag=10082&an=5053&gi=1&gf=10082&gg=5053&ix=10082&ic=10082&ez=1&ck=1153&kw=954&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10082&bx=5053&ci=1153&jz=954&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9921&cd=4893&ah=9921&am=4893&xd=00&rf=0&re=1&ft=4904&fv=3794&fw=3794&wb=2&cl=0&at=0&d=5083046367%3A2926482945%3A5817447030%3A138369465331&cm=1&bo=ctv.bnn&bd=Article&gw=bellmediaprebidheader755367530455&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195763&na=1999079120&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 28 Nov 2021 06:11:25 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 33ms
32ms Image
image/gif 54.165.183.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=bnnbloomberg.ca&p=%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&u=BbYvINUiwx5CxBqb9&d=bnnbloomberg.ca&g=65778&g0=Technology&g1=Annie%20Massa%2C%20William%20Turton%20and%20Jack%20Gillum%2C%20Bloomberg%20News&n=1&f=00001&c=0.25&x=0&m=0&y=2963&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=1410&t=D0ud4OBkTQZKCGqhB-C0vpx_CVx6rw&V=129&tz=0&sn=2&sv=T_wif3kQathBSq9DsU36DD63EJr&sd=1&im=067b0fff&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.183.227 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-183-227.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:28 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 24ms
23ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&ra=6&pxm=2&sgs=3&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F13086777635869113496&i=BELLMEDIA1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-GKKOVythgEwLgg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&pcode=bellmediaprebidheader755367530455&rx=529378786612&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=6&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&id=1&ii=4&f=0&j=&t=1638079873582&de=525877049924&cu=1638079873582&m=16567&ar=7e5b6a28623-clean&iw=ed14c44&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2963&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A544%3A544%3A4433%3A865&as=1&ag=15163&an=10127&gi=1&gf=15163&gg=10127&ix=15163&ic=15163&ez=1&ck=1160&kw=978&aj=1&pg=100&pf=100&ib=0&cc=1&bw=15163&bx=10127&ci=1160&jz=978&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15019&cd=9983&ah=15019&am=9983&xd=00&rf=0&re=1&ft=4904&fv=4904&fw=3592&wb=2&cl=0&at=0&d=15536239%3A2931143273%3A5825375997%3A138373128006&cm=0&bo=56418679&bd=92336599&gw=bellmediaprebidheader755367530455&zMoatOrigSlicer1=56418679&zMoatOrigSlicer2=92336599&zMoatDomain=bnnbloomberg.ca&zMoatSubdomain=bnnbloomberg.ca&dfp=0%2C1&la=92336599&zMoatPS=-&zMoatST=-&zMoatSZ=728x90&zMoatJS=3%3A-&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMData=1&zMoatMSafety=unsafe&dfpSlotId=leaderboard-ad&zMoatIPM=-&zMoatIPMID=-&zMoatCURL=bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&tz=leaderboard-ad&iq=noHistData&tt=noHistData&tu=1&tp=unsafe&tc=0&fs=195763&na=1008098649&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 28 Nov 2021 06:11:30 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 22ms
20ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&zMoatAdUnit1=ctv.bnn&zMoatAdUnit2=Technology&zMoatAdUnit3=Article&wf=1&ra=4&pxm=2&sgs=3&vb=4&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2F21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=BELLMEDIA_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-GKKOVythgEwLgg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&pcode=bellmediaprebidheader755367530455&rx=529378786612&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=6&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&rm=1&fy=970&gp=408&zGSRC=1&gu=https%3A%2F%2Fwww.bnnbloomberg.ca%2Fwhen-a-hacker-calls-how-robinhood-fell-victim-to-a-vishing-raid-1.1687752&id=1&ii=4&f=0&j=&t=1638079873582&de=820719166330&cu=1638079873582&m=16776&ar=7e5b6a28623-clean&iw=ed14c44&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=408&lb=2963&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A544%3A544%3A4433%3A865&as=1&ag=15122&an=10082&gi=1&gf=15122&gg=10082&ix=15122&ic=15122&ez=1&ck=1153&kw=954&aj=1&pg=100&pf=100&ib=0&cc=1&bw=15122&bx=10082&ci=1153&jz=954&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=14957&cd=9921&ah=14957&am=9921&xd=00&rf=0&re=1&ft=4904&fv=4904&fw=3794&wb=2&cl=0&at=0&d=5083046367%3A2926482945%3A5817447030%3A138369465331&cm=1&bo=ctv.bnn&bd=Article&gw=bellmediaprebidheader755367530455&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195763&na=335290376&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.bnnbloomberg.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 06:11:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 28 Nov 2021 06:11:30 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: kr.ixiaa.com
URL: https://kr.ixiaa.com/C726AB29-0470-440B-B8D2-D552CED3A3DC/a.gif

Domain: dx.bigsea.weborama.com
URL: https://dx.bigsea.weborama.com/collect?r=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dweborama%26partner_uid%3D{UUID}

Domain: r.nexac.com
URL: https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DOgh0bKbn%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E

Verdicts & Comments Add Verdict or Comment

603 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

103 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bnnbloomberg.ca/	1969-12-31 23:59:59	Name: TS01ed3f75 Value: 017a1c6bed4aa1010677e8ce8265bb37bc0a93c950788d31104fedd3e2a9e23f45238d1a0f4897e028cf61b25b090f16a14416a71b
.adsrvr.org/	1970-01-20 07:46:55	Name: TDID Value: d440bdea-0c87-4fb7-a917-41c84fc16384
.demdex.net/	1970-01-20 03:20:31	Name: demdex Value: 62343979600873580793747237977899911040
www.bnnbloomberg.ca/	1969-12-31 23:59:59	Name: autoPlayWithSoundNextVideo Value: true
www.bnnbloomberg.ca/	1970-01-20 07:46:55	Name: BM-BNN-Continuous-Play Value: true
www.bnnbloomberg.ca/	1970-01-19 23:02:46	Name: ctaClosed Value: %22false%22
www.bnnbloomberg.ca/	1970-01-20 08:30:07	Name: __atuvc Value: 1%7C48
www.bnnbloomberg.ca/	1970-01-19 23:01:21	Name: __atuvs Value: 61a31d81c33a7d93000
www.bnnbloomberg.ca/	1970-01-20 08:30:07	Name: _cb_ls Value: 1
.bnnbloomberg.ca/	1970-01-21 01:19:34	Name: permutive-id Value: 3cd3183b-b8a5-435e-ab19-efbe08ae10f6
.bnnbloomberg.ca/	1970-01-21 01:19:34	Name: permutive-session Value: %7B%22session_id%22%3A%2245cfedd0-c533-4265-b371-717e3d155ebf%22%2C%22last_updated%22%3A%222021-11-28T06%3A11%3A13.559Z%22%7D
.bnnbloomberg.ca/	1969-12-31 23:59:59	Name: AMCVS_BB3937CB5B349FE70A495EAE%40AdobeOrg Value: 1
.addthis.com/	1970-01-20 08:22:55	Name: ouid Value: 61a31d8100016e15e8a69c3d8822cf70b93a999fa3d1272f6b74
.addthis.com/	1970-01-20 08:22:55	Name: di2 Value: aU~qn#%!k#$M`#!AgP2TIPv7LW6Lj6Hq#7&z#7&v#7&r#7&`#7&[#7&W#7&S#3Lh#1:R#19w#.'k#-<R
.addthis.com/	1970-01-20 08:22:55	Name: um Value: j.'2021112806111358600156752128'
.addthis.com/	1970-01-20 08:22:55	Name: uid Value: 61a31d81bfaf8d13
.addthis.com/	1970-01-20 08:22:55	Name: na_id Value: 2021112806111358600156752128
.addthis.com/	1970-01-20 08:22:55	Name: vc Value: 2
.bnnbloomberg.ca/	1969-12-31 23:59:59	Name: pvv Value: 1
.bnnbloomberg.ca/	1969-12-31 23:59:59	Name: s_cc Value: true
.everesttech.net/	1970-01-20 07:46:55	Name: everest_g_v2 Value: g_surferid~YaMdgQAAALyuUQPl
.289d106c-df24-4cd9-a9fa-753e928c23ad.prmutv.co/	1970-01-20 01:13:48	Name: pxid Value: c53e0c10-3c9e-41e0-9540-7f12df7131cc
.linkedin.com/	1970-01-20 01:10:55	Name: li_sugr Value: e4c2f23c-757d-4b1a-8b4e-a463ed81c0e2
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:33:13	Name: bcookie Value: "v=2&b5c74840-1129-4c21-8067-a5b0a53a01cf"
.linkedin.com/	1970-01-19 23:02:46	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2180:u=1:x=1:i=1638079873:t=1638166273:v=2:sig=AQFL_Opi_lBW59BKbB4yGR5MBCI4TCzB"
.scorecardresearch.com/	1970-01-20 16:18:07	Name: UID Value: 1XIA1SAZVAYIQCSBV06A6Vg1638079874
.dpm.demdex.net/	1970-01-20 03:20:31	Name: dpm Value: 62343979600873580793747237977899911040
.twitter.com/	1970-01-20 16:32:31	Name: personalization_id Value: "v1_iHN6dv5bJ0NbRQHyl/W+aQ=="
.bnnbloomberg.ca/	1970-01-20 16:32:31	Name: _ga Value: GA1.2.1887333569.1638079874
.bnnbloomberg.ca/	1970-01-19 23:02:46	Name: _gid Value: GA1.2.766448530.1638079874
.bnnbloomberg.ca/	1970-01-19 23:01:19	Name: _gat Value: 1
.linkedin.com/	1970-01-19 23:44:31	Name: UserMatchHistory Value: AQLtdI-glgAFJQAAAX1lK0N5ZF6ddzqegPDHvQGmLDLycA4U6lfAGC72upXOnrqpi6lbzcohv95MSQ
.linkedin.com/	1970-01-19 23:44:31	Name: AnalyticsSyncHistory Value: AQLYRLEZaboKOgAAAX1lK0N5jVNsqtH2O2XAeKJDiYWdAm1XbLAkzl1x87DBev-HwYUTCs1e-1XRLILgcLiK5w
www.bnnbloomberg.ca/	1970-01-20 08:30:07	Name: _cb Value: BbYvINUiwx5CxBqb9
www.bnnbloomberg.ca/	1970-01-20 08:30:07	Name: _chartbeat2 Value: .1638079873933.1638079873933.1.T_wif3kQathBSq9DsU36DD63EJr.1
www.bnnbloomberg.ca/	1970-01-19 23:01:21	Name: _cb_svref Value: null
.addthis.com/	1970-01-20 08:30:07	Name: uvc Value: 1%7C48
.bnnbloomberg.ca/	1970-01-20 16:32:31	Name: AMCV_BB3937CB5B349FE70A495EAE%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18960%7CMCMID%7C62305586995734422793815321703059684120%7CMCAAMLH-1638684673%7C9%7CMCAAMB-1638684673%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1638087073s%7CNONE%7CMCSYNCSOP%7C411-18967%7CvVersion%7C5.2.0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 16:33:13	Name: bscookie Value: "v=1&20211128061114e0daa082-d72f-4198-8909-4573cf0d79bfAQGNkaTLUk-0VofxOPbEdOAcMUS8uA8D"
.addthis.com/	1970-01-20 08:30:07	Name: loc Value: MDAwMDBOQUNBT04yMjUzMTA0MzUwNTAwMDBDSA==
.demdex.net/	1970-01-20 03:20:31	Name: dextp Value: 771-1-1638079874197
.bnnbloomberg.ca/	1970-01-20 01:10:55	Name: _fbp Value: fb.1.1638079874207.1991311764
www.bnnbloomberg.ca/	1970-01-20 07:46:55	Name: permutiveID Value: 3cd3183b-b8a5-435e-ab19-efbe08ae10f6
.krxd.net/	1970-01-20 03:20:31	Name: _kuid_ Value: Ogh0bKbn
.adnxs.com/	1970-01-20 01:10:55	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2HbzH<s.N!@wnf-Te9(>wL5L!!'7?$Xx-M
.doubleclick.net/	1970-01-20 16:32:31	Name: IDE Value: AHWqTUlixAyOKY3_oEm_JzRWGgcJsZ4g8XYDCetH_pXxhwnUJqFLSHkAzIZwUK2L8GE
.amazon-adsystem.com/	1970-01-20 04:10:55	Name: ad-id Value: AzWdU2Q9MU7gsy1IBNpaPOY
.amazon-adsystem.com/	1970-01-21 19:39:43	Name: ad-privacy Value: 0
.adsymptotic.com/	1970-01-20 01:10:55	Name: U Value: 6f50645016a08e4d7481a92f9cbe3197
.facebook.com/	1970-01-20 01:10:55	Name: fr Value: 00BFkfG4eqkXmN2Rk..Bhox2C...1.0.Bhox2C.
.rlcdn.com/	1970-01-20 00:27:43	Name: pxrc Value: CAA=
.casalemedia.com/	1970-01-20 07:46:55	Name: CMID Value: YaMdgs9pn4B.hy62MqV8CwAA
.casalemedia.com/	1970-01-20 01:10:55	Name: CMPS Value: 145
.casalemedia.com/	1970-01-20 01:10:55	Name: CMPRO Value: 490
.adnxs.com/	1970-01-20 01:10:55	Name: icu Value: ChgI8a1bEAoYASABKAEwgruMjQY4AUABSAEQgruMjQYYAA..
.adnxs.com/	1970-01-20 01:10:55	Name: uuid2 Value: 8634506771707896453
.sharethrough.com/	1970-01-20 07:46:55	Name: stx_user_id Value: efa820e2-2889-4174-ad5b-7a03dd0985b1
.yahoo.com/	1970-01-20 07:47:17	Name: A3 Value: d=AQABBIIdo2ECEIS0pWTtVoZCBL02C1bncAgFEgEBAQFvpGGtYQAAAAAA_eMAAA&S=AQAAAr6JkzdAkzBkv6xAiDN9NYE
.bnnbloomberg.ca/	1970-01-20 08:22:55	Name: __gads Value: ID=43fd66562d146b6f:T=1638079874:S=ALNI_MZkI0irFb7FZsVLlTH2O9uVa2p_Kg
.eqads.com/	1970-01-20 01:13:48	Name: EQUser Value: UID=beff4752-f62b-4ac9-b220-275066eabc77
.doubleclick.net/	1970-01-19 23:01:19	Name: FLC Value: CJDuygMQn4a3mQEYwbeP9QEg06ywTSiFzaoFMIK7jI0G
.casalemedia.com/	1970-01-20 07:46:55	Name: CMRUM3 Value: 2861a31d822760beff4752-f62b-4ac9-b220-275066eabc77&ce61a31d8205a0&2d61a31d822760CAESENMTdsM0Duu9scYK5QEWGI0&e661a31d822760&2761a31d820b40&0561a31d8205a00&f161a31d8205a0&be61a31d8227608634506771707896453
.casalemedia.com/	1970-01-19 23:02:46	Name: CMST Value: YaMdgmGjHYMA
.bttrack.com/	1970-01-20 01:10:55	Name: GLOBALID Value: 2uKlc8-sIBd987FnJ3jCmOSBfg8BX1KCc3c45Xe0IEMOPUVpCI--0_2142FX5I4uJWr2HlB9C5QC4TM1
.advertising.com/	1970-01-20 07:48:22	Name: APID Value: UPfe484cfa-5011-11ec-93ea-0aa43e051bf3
.acuityplatform.com/	1970-01-20 07:46:55	Name: auid Value: 625973123154
.acuityplatform.com/	1970-01-20 07:46:55	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqCMTM3+o11c2VyTWF0Y2hpbmdJZCQEkpFsYXN0RHJvcFRpbWVNaWxsaXMlAT5ZJTRFuJhsYXN0U3VjY2Vzc2Z1bE1hdGNoTWlsbGlzJQE+WSU0RbiPdGhpcmRQYXJ0eVVzZXJJZCH7+4Z2ZXJzaW9uwvs="
.analytics.yahoo.com/	1970-01-20 07:48:22	Name: IDSYNC Value: "18y3~21s6:175w~21s6:191l~21s6:18ym~21s6"
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UPfe484cfa-5011-11ec-93ea-0aa43e051bf3
.yahoo.com/	1970-01-19 23:02:46	Name: APIDTS Value: 1638079875
.rfihub.com/	1970-01-20 08:22:55	Name: rud Value: H4sIAAAAAAAAAOMSNrQwNDYwNTA3sDA2MDM1sjA2sRTiM9T1cTPLLi1zCalwTvSU4jU0M7YwMLe0MDc1MTYEANHBV3Q0AAAA
.rfihub.com/	1970-01-20 08:22:55	Name: eud Value: H4sIAAAAAAAAAGsS5DU0M7YwMLe0MDc1MTYEABVEGrAQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNrQwNDYwNTA3sDA2MDM1sjA2sRTiM9T1cTPLLi1zCalwTvQEAHRqBUwlAAAA
.freeskreen.com/	1970-01-19 23:11:24	Name: a Value: NTQ1Nj0xfHw7MjY3MT0xfHw7
.admanmedia.com/	1970-01-20 07:46:55	Name: admtr Value: ff20c7b87517ac9f69df6429dc5b6e448b8be8a6
.exelator.com/	1970-01-20 01:54:07	Name: EE Value: "de93c3c6b5722be4d39546f120f66d4e"
.tremorhub.com/	1970-01-20 07:47:16	Name: tvid Value: e47a14c31f9e4fa09388637eead9df47
.exelator.com/	1970-01-20 01:54:07	Name: ud Value: "eJxrXxzq6XKLQSEl1dI42TjZLMnU3MgoKdUkxdjS1MQszdDIIM3MLMUkdXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJsSX5RZvoiZ8fFRSlpDItKik8F79s0DQCDxSp0"
.tremorhub.com/	1970-01-19 23:08:31	Name: tvssa Value: 1638079875598
.smartadserver.com/	1970-01-20 08:30:07	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 08:30:07	Name: pbw Value: %24b%3d16960%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 104685=4684691
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-19 23:02:46	Name: sasd2 Value: q=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3Dg1r+5m1%3B%24qt%3D93_1012_49235t%3B%24dma%3D0&c=1&l=1397224375&lo=1808482350&lt=637736802756551371&o=1
.smartadserver.com/	1970-01-19 23:02:46	Name: sasd Value: %24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3Dg1r+5m1%3B%24qt%3D93_1012_49235t%3B%24dma%3D0
.smartadserver.com/	1970-01-19 23:02:03	Name: dyncdn Value: 1
.smartadserver.com/	1970-01-20 08:30:07	Name: pid Value: 3496748603547980566
.smartadserver.com/	1970-01-20 08:30:07	Name: pdomid Value: 6
.districtm.io/	1970-01-19 23:27:15	Name: _dm_uid Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2IrQWJJR0d6SXhXRWRCWVUxT2FIQkJkbVp0YW5sMVltNW9kVXBETkRaSlZib0dGUWlnVGhJUVdXRk5aR2RSUVVGQlRIbDFWVkZRYkxvR0VRaW1UaElNTmpJMU9UY3pNVEl6TVRVMHVnWURDS3BPdWdZRENLNU91Z1lEQ0xCT3VnWlFDTU5PRWt0NUxWTnBSM2N3U25CRk1uVkhWM1ZUWmpjdWQwZHdSWHBrYVY5dmFuWmpWRGhPZmtGK1ZWQm1aVFE0TkdObVlTMDFNREV4TFRFeFpXTXRPVE5sWVMwd1lXRTBNMlV3TlRGaVpqTzZCaGdJeUU0U0V6RTRNVE13TlRBM01EZ3pNRFkxTWpnek5EbTZCakVJeVU0U0xIa3RSRmw1VlZsTk1VVXlkVVkwY2w5clNrVk1aM0prVTJ0aVREQk1OMVV4WWpsRE5URnFiRW93TFg1QiIsImlhdCI6MTYzODA3OTg3NX0.1w3i25IjmFYipeD-7EHlJ9O2_6EI1dDswWjPtCZY9YkFvJN8MvNo3eRR4hqTVFgpix52cNZBGOE8GG_ABCaAIQ
.tremorhub.com/	1970-01-20 07:47:16	Name: tvv Value: 1
.rlcdn.com/	1970-01-20 07:46:55	Name: rlas3 Value: Qxcv8nzU6TBDqte3HfoL8zgS21qhUnb2gweWiRvl2aA=
.mathtag.com/	1970-01-20 08:27:15	Name: uuid Value: b88761a3-1d84-4300-ae38-7f32f5d77470
.smartadserver.com/	1970-01-20 08:30:07	Name: csync Value: 104:KWIUGPTM-1S-CB57
.rubiconproject.com/	1970-01-20 07:46:55	Name: khaos Value: KWIUGPTM-1S-CB57
.rubiconproject.com/	1970-01-20 07:46:55	Name: audit Value: 1\|MQdtfJ8Weawk8lUFIZDRZ2j727arV1TqRJwTBDhDB8WB+d55h43RBiLaYc6K3hh4mcSZ2nIErz8iZ07GJqnMno4BjqNRGrmz
.freeskreen.com/	1970-01-19 23:11:24	Name: scmtid Value: "dGxyaWQ9ZTQ3YTE0YzMxZjllNGZhMDkzODg2MzdlZWFkOWRmNDd8MTYzODA3OTg3NTYzMyZzYWlkPTM0OTY3NDg2MDM1NDc5ODA1NjZ8MTYzODA3OTg3NTgzMyZzY21pZD1maWFmaGlqaGFpZGdiRnJMVlF1R2hvaXwxNjM4MDc5ODc1MDg1Jm1naWQ9S1dJVUdQUVgtTi03REZFfDE2MzgwNzk4NzY4NzQmYWNpZD0lN0IlMjRVSUQlN0R8MTYzODA3OTg3NTU3MQ=="
.criteo.com/	1970-01-20 08:22:55	Name: uid Value: 33881a03-d175-4478-9558-1ba5dec63760
.agkn.com/	1970-01-20 07:46:55	Name: u Value: C\|0AEAAAAAAKTXaBQAAAAAAAg1RAQCADVIBAIA
.agkn.com/	1970-01-20 07:46:55	Name: ab Value: 0001%3Am%2BWwtu2ZIaIkRoDxdSqkCgw6pTJc6ZVOHcXJu2ftvke8joQyjSaKBg%3D%3D
.adsrvr.org/	1970-01-20 07:46:55	Name: TDCPM Value: CAESFQoGY2FzYWxlEgsIkvibpv2PmToQBRIbCgxzaGFyZXRocm91Z2gSCwiK2IOq_Y-ZOhAFEhYKB3J1Ymljb24SCwjgxrG3_Y-ZOhAFEhgKCWFkYWR2aXNvchILCICq0cD9j5k6EAUYASABKAIyCwiAotTtk5CZOhAFOAFaCWFkYWR2aXNvcmAC
.bnnbloomberg.ca/	1970-01-20 08:22:55	Name: cto_bundle Value: 5qrESl9QOTM2U0JrS0lWU2JUUkdqMUJ4SWV5eXZXUEw2c3dlWkdLQ29GdGZyOSUyQmx0Q1NHZGNlNjMyUDRoT0RnQSUyRlpYNUoxdHVMQVFhTXc0djF1UmxLczVod2NGMEp2JTJGSjdlVElTdTVpeEtOajlxNnFVVVRrNUFhdUhWSUN0UU96eEl3cmJqQnFzNlQ3Zkp4JTJGbnBpZk5DRGNrdyUzRCUzRA

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://kr.ixiaa.com/C726AB29-0470-440B-B8D2-D552CED3A3DC/a.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DOgh0bKbn%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://dx.bigsea.weborama.com/collect?r=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dweborama%26partner_uid%3D{UUID} Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

21cbdb729376db3a32d9a862bf97ec17.safeframe.googlesyndication.com
289d106c-df24-4cd9-a9fa-753e928c23ad.prmutv.co
aa.agkn.com
ad.doubleclick.net
ad4m.at
ads.freeskreen.com
ads.yahoo.com
adservice.google.ca
adservice.google.com
ajax.googleapis.com
analytics.twitter.com
api.permutive.com
api.rlcdn.com
as-sec.casalemedia.com
assets.adobedtm.com
beacon.krxd.net
beacon.tru.am
bellmedia.demdex.net
bellmedia.sc.omtrdc.net
beta.ctvnews.ca
bid.g.doubleclick.net
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
capi.9c9media.com
cdn.districtm.io
cdn.krxd.net
cdn.permutive.com
cdns.gigya.com
cm.everesttech.net
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
consumer.krxd.net
cs.admanmedia.com
d.agkn.com
dmx.districtm.io
dmx.us-east-33.districtm.io
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
dx.bigsea.weborama.com
entitlements.jwplayer.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
images2.9c9media.com
imasdk.googleapis.com
js-sec.indexww.com
js.agkn.com
kr.ixiaa.com
loadeu.exelator.com
loadm.exelator.com
m.addthis.com
mab.chartbeat.com
match.adsrvr.org
match.sharethrough.com
mb.moatads.com
mug.criteo.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
pc083-12m5d.ads.tremorhub.com
pe-ak-vp07a-9c9media.akamaized.net
ping.chartbeat.net
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.advertising.com
pixel.mathtag.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
r.nexac.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
s7.addthis.com
sb.freeskreen.com
sb.scorecardresearch.com
scm.publishers.tremorhub.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
snap.licdn.com
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.chartbeat.com
static.criteo.net
static.freeskreen.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.smartadserver.com
t.co
token.rubiconproject.com
tpc.googlesyndication.com
tru.am
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
usermatch.krxd.net
v1.addthisedge.com
video.freeskreen.com
webapps.9c9media.com
ww1772.smartadserver.com
www.bnnbloomberg.ca
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
z.moatads.com
dx.bigsea.weborama.com
kr.ixiaa.com
r.nexac.com
s7.addthis.com
104.16.190.66
104.16.68.69
104.18.102.194
104.19.149.54
104.244.42.197
104.244.42.67
108.174.10.14
13.225.214.117
13.226.37.38
13.226.37.82
13.226.37.90
142.250.64.102
142.250.72.98
142.251.4.156
142.251.41.2
15.197.193.217
151.101.129.194
151.101.194.133
151.101.194.49
151.101.66.133
152.199.5.228
18.213.10.151
192.132.33.46
199.187.193.165
199.187.193.185
199.232.64.157
199.38.167.129
2001:4998:14:800::1000
209.54.177.54
23.192.31.127
23.199.204.79
23.200.228.59
23.204.138.74
23.211.130.59
23.217.175.140
23.217.28.32
23.41.188.28
23.52.161.201
23.52.162.21
23.52.162.36
23.52.163.40
2600:1400:d:586::1e80
2600:141b:13::17d7:82d1
2600:141b:800::17c5:c1d3
2600:1f18:4e9:5a01:d442:ba08:69c2:12fc
2600:1f18:612b:4200:787a:99c3:22c2:11ca
2600:1f18:612b:4264:e1d3:1d00:f599:e1ca
2600:9000:210b:7600:15:efbc:e300:93a1
2600:9000:21da:200:19:fc2c:a140:93a1
2600:9000:21da:bc00:18:1fcd:34f:cdc1
2600:9000:21ea:8400:1b:5138:8a40:93a1
2606:4700:20::ac43:4af5
2606:4700:3039::6815:c09d
2607:f8b0:4006:806::2004
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::2003
2607:f8b0:4006:80f::2006
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::200a
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81e::200e
2607:f8b0:4006:823::2002
2607:f8b0:4006:823::2003
2607:f8b0:4023:1404::9b
2620:100:a001::4
2620:109:c002::6cae:a0e
2620:1ec:21::14
2a02:2638:1::13
2a03:2880:f065:e:face:b00c:0:3
2a03:2880:f162:81:face:b00c:0:25de
2a04:4e42:400::714
2a04:4e42::626
3.138.71.180
3.143.162.26
3.218.90.66
3.230.217.116
3.230.85.182
34.107.254.252
34.120.155.137
34.197.16.142
34.226.34.89
34.229.3.43
35.190.60.146
35.231.227.177
35.241.9.51
44.194.222.26
52.0.156.250
52.22.30.205
52.37.186.57
52.40.172.46
52.5.82.14
54.165.183.227
54.173.172.38
54.192.160.42
68.67.160.114
68.67.179.166
69.173.151.100
69.90.254.78
74.119.119.129
74.119.119.139
74.121.140.14
8.2.111.137
8.39.36.142
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd
0328be5fc454c0d2bf6277b38ee005be097cb4bfe2c850d214c0e4636cea68d3
03862701caca12427fdc26a145ee29aa26fb5f1d09991d27957c008dbd0d3dae
0452f5f4ba2e8c01a20b608b1f8671b6867e6f2a35d6d4cf477a7f97bbabe18d
049f1305bcd4218588ef8407dae8fc656833a70748a8ebdce3b0fd3bb00ff0db
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06506b549281c8457ff1ea41203aed36e46da8a2aa51eb58978d86b146a0e040
0667b75242c6b97f421ac0eaacc8fcd559262a73f421339b4bf01990247ce0ef
0672792a557b69f7ff7d4e55c0c3a58093739b00159a968f3ca61c26ee36e327
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0821bd2158b7c2d4165a43a999f30fdc1dc977c6f216ae950298b0237189c0e2
09ab6064be679e021cca9088f5d75911c9e49071affef1fbecbb1cda249f9672
0abbf99ebcac3171e52de6584fdbcffa53b701db7640c712cf34d42341b0a49e
0b7fde80bd21834b672eadbc97415c8e02f99375d4bd7eaed0cc78d3ecb8cd17
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bf2369e658fb3c9ea4c5a5a822e4c333102ea535f78354534f3e070a07006d4
0d910cc1aa24413aaeef9f2cb52c3ed8bc4a06e823fc1d2d26f75667a0233764
0e6eeaf5fdede93a23339c21346072623d2a58ae36986d6c4056fd27d299bf01
1012c0f926c8887b6fc3d5086b268d387883d21e38541bf26426d8b15c388457
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
119f23088c007494c448d90df4bab4829ffc8d446e371a261b1c4c9d64f3a48f
11fdf941bbf8423aea172efab92d3ff6d3724a655402cc6318dda992e6eafdb8
1294d18482911edd15526fb7a913e11ff77b52866fa729e7ec28d71bd8dfb238
1604851710fbd4c91716919f1d1df3a0f8e60f41aae07bd708ca96062252ddd4
19358179a0f3d8c2be4fc211712b12b3223ceec8115ebb9f631ae0aeb63a0f3a
19ac7f7f03270e923c602d544845da674a088cbb610a4c76a6445f0d075b7d0f
1bdbe685db7b4aa57327bfbac0bef5b7636d0cdd4fd4ccf974ae5b552927a7d4
1dd93f68bd51d71028253b2054f5b79afbdc5d045bfea4005559e1883ccb977d
201b183187d01c772206f76a585e3ec2ed3fb8cf79e003754b2f19aca17a5e14
202667ba9aad8ee0d2389f97571cb915b8c5178c9849a0197e5eaefa087ab3b8
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
20a25f993dd06568742762f56634b696d67732c2bd384b7d5fe62bd10ef4020c
21939df91566cf06472adf6452c0e591e6c3aa0f5d6c1352a540ba149f9cab3e
2229308c24a3e13ec4de4e9e858a13f247c095ab25751f6e4dea5d4c46d8196a
2498bc9bfe195e73ab40b9c89330ddcf96ff75915483649b7f98638a54f69d85
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
289d4b67d5b25037a74bf891dbd7db6fc946e56bbdb5946523e94322b296fa55
28b69d5c3e8a0cb0c78aa4f47c7906ed1bc3d5d4494730291d0bd64621ea9600
2a204b9783bef7cd52e45f097ccc71661a35f3075b377ab28fd0052505b88f52
2a4a082120a0ba3432ee302e53e696678fe25d8d04927f671e9a32358e58c3f3
2c125e6a12e3dd1d1d1aec93292e90fb3c28f36646a954402702b1d9c25175b1
2d4cee82f2c96412177da59763b363c54b51734597d1c877b6265a23def9b9b0
2faf54b80c6fc31bc6cfb2dea6dda5889626226580d0962a3919519c24da3696
305bc935e48e488ba598f584b0d0f544a296f1145dda94cee66c2cf1988fa81a
31ace63fa339896dc045f21da77b1ffdc57160e2db5690b132766b0086d6f58e
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
33028b306202787af41768dacb7fbc2b20a84f3a1f026cc0893d177af270fccd
352f366cbf28b891fd004a3aa2fdfbd14986381f49bdc403b1daaab2b367aa64
3582d8f876daa0abc599b25ff4cfafa8b992825d748881df655b13687f5647c8
366b63488c133deed3d2fe1d5452002379fd437eae1740aa84b7c6b167212421
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
36dae2d5ab0d8767a959eac7ae4988230cd7ce976a6451804faf3f3aa0c9c19b
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
387168815d8e02c9c12a63d98fdceacaea0993c73d9808dba062f1a3e4de84dc
3a238633a32d437a027bd661e8a71c9891fc94017a7ca20b1bab8293f9126e0c
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3c423060975a447c389133494d357ed141f474e4c8a2939a4f34047224ec5e3c
3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb
3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78
3d8e2c41a3720058e903295d2d6d22e8252411aeb4371c41b5627e2426e552a6
3e42eb8467ba030a2b2b19e611073a21176938f98ffbf100dc745a5512f69f40
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403212ff1a4fd74eb325f1b558c3aba007976bba608fccaa828da49da05a7811
4071c268806036b0d3a68fa7eb558321f866a415d782a840f159127836cfaa85
408dbdc362ec1c7052ad3b90f8139eac221c20487bf33fd4630ca6d8d3774f84
40dfdd89d5b7813272faf1d5bc76da30cb3f84cc14539f77c9de295d855d756c
42ea66328975bc5474b573a2c725eaa974c1472e7271c4b5ce0a49a636a99d6c
445c5b1a5101c7fa764dde6153130716037b5414630812d4dae54cd966e4342c
4654afad83c7f43ed95618aba12e8673454294ece712b17f934dd029c1142481
47fb8b7f5571b3f676d97f8c7d625bcd773796133c7bdd499a484c5f118a9452
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4af5765b7587881ef567c23d0aa9fcdbeff09e3354473ed56eca490f4df5ca30
4c244190f7e126fc79d359ae4fe47b08213a130728ba804cd8ebcd56ea73f5c4
4c5c6c2cfdb23953e3821af8c749430ba72f0ebc8d3ff8f0ec5948a24ae49a2e
4ccb64cb52eff9e8c10713a938a73ec2461b8b1e71acef86c52cd7242c3b0090
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e38c31aeabb853b87a852e8e145480db4f99d78f509bf9dfccabefb4a5f6788
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
534788a2c2813f85ae15eb9d11eef53bd969da97fe9ef5a6232ae55d9e1a367b
53f7413e39db9b8bbe9e7b68bbc5fa1bb3420bc9b0c8bdbd226ab1cb1717fdeb
540c0cf84b680a0f646582c27c1af431ab4e09802f7041443f348231b10c10a9
54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d
55d783462e6671fa985a6b0829db15474f4e57f0555c93e15cc2db6a1d1e6cab
56c71015df7a063d5a62318935f8a8252168f61779fcde2318ca61eee811450e
57bed4a2798d28adf16ed139ae0a3e2ee832fa5c472de19be2874de5a917a851
58a14ba2e3e773324e8b8aeadcd988bdd177f68e6bf65c5fcdd339032e536e61
59582c75d6c2b9e2b4bbf226db778d7211d60de3343c83c809ad5a59a322fc15
59ac89a1bdb929bc68e103dbc47227123f6efc448fb811a749dea6eb136122c4
5bc79b024d0439ddebcee051d3b5a1a8d82a7dcb2948bba25165ba14ec562c1f
5de9006a42ccf20e8504222cda9473f912cc4234d7c4ff738608c4495205f1a3
5eba39cd4e47377b456432f925677540d7be6ac045f2498a72cbc0d46a649f83
5f46a3316f76ce99842f91c73a86bf22d6be768490cf4aac399221d07d08b304
5fcd000cf85f57ab53137ddc5b18cc20002c5273d1b451f19ba1ae5d08212738
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61756d7932163a090cd857513451c708d03465b5094bfd02435b53e49f8dff13
6353af18a3944e52b619d909d6396bb22d7dee348b182da052092e6fed15e825
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
68f8ee32d438711a6048ca00f24f375aa31774c606b72d7a5ab34147e244542d
69cb77a93b61591eefb407ae7866479895a6a383f663b9db60f14875f10f9546
6ac1c450bc9cc5b0b6bd0519fe95612309b67859cdbfed9e288b60e09c404217
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6d46e87390566f921c9d33599a1ca9538342cc20fd26751d96c2062deb28c445
6e3a4a55757296f3d00ca0db43b97264a4709c13dcab42db8ed99ed4aecbe7f3
6e7270d024042e2bfcc738a018fe556a51095a9dde510b22521f1011b138a8d4
71fddc7192422e5dae0d9f12c31216b3a354b88d67b806150e4f8edcf9e6b2c0
72785f914cd462fef814108680a736287c28afe42872c39804f9b37c81c3f32d
731bbd51a930d691acfce2f9c7ec17bfbc91425e554f1bdc12687060642dcd57
74e4d6706cbd43c6d560651e13945f1da3e54d73244038547a40c70c97c0e455
75c15f9d64bbf61d39fb1403f65fb91ba49d60f33bb4d5b31571caaef15da96d
75ce4ec541727faa1ece8dcf8c69753e50a514909cfc576e96075646ff942db2
7614e6ba0968f03c23550573abc2a4001be570b6ae2ddc6c1bf00b184e657744
7718eddcc9a003bd4d6e1f79b27a45ffa3adb6ade4ad7025cc84aa630402659f
775cc1108d0c49508f22e9dce17c319b8c686dc406c70776940c22fb52b65f8b
77b48fb69c3383ba2586f01cd0df8fb575b0775378ad064b964722eab0ca4822
77c26c2067b332f94a21463a932fdc3beeedfdc69bc98af8d5afdc8ea9775dd2
787681d490f9a1532674c68aed1b9d87fc0ce0673d9870b307c6be02375add4d
79b39241d3233e7f06628d8bb684a61e85cb120ad0b4a4bd31673b5228d688ec
7ab53eb236dc33fcb2791094aa4cbc71d0c908bc1938df16baeb43b152c48b09
7bb26115caa7cfaba5dadd387eb6da4a72626801ef3e9ce3c048d2d67ac8765f
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c591d6ce1c5815598040b7cc117ec47c34ad42732975b991b06230f354d0336
7d4f2aa645566ac3bdee79046ea15db1ee6ad2a09740bf0762916aa51b001cad
7d84c419bb39b3ef7ee04cce175b7b79ff638616976aab07ba909377bcc773b4
7dab178448290684b997c05ad99d6a791e54b013b215fc528907e243ba890389
807159ad847198da8db20c59ab0486a180f7e2a9e167660cf6325063bd63edec
8226af808dd7629aa60d4db24f102b665e32885fe4fe88fdf7ec9e8d5c714c20
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83fb1c8cf4cc7306a544852a928197c3cbca6a13afd4a1ee04159b05d3d8437c
85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c
872beb1fa54c9955ef4708b33b362adf14124e6e9a7cd18031c94f2ced0cd555
8733ad4061e0afc25916e6154d2249da919d8ae5d0b113cda5368ec41d480f03
89a323a8d5dc0fcf665d428c66bd137f754f006764f46c20f8be027aa88d4059
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8cf8f98a206709b583ce9aa7723208619213f92a0afeef0fb501709699f9c8d3
8dbc3f1a033b6733e96a5af1bc89d6f8ab68a5d533dcad72d56bd019e3b5b6b5
8e2d72fa40d3f21ca3cd085c8dd447eb975214bbbd6d9af493b9b205f7626e14
8f87349661e64e1cd60f19859016fa3f16bf24855fc76f091c96ba07e3e3ac8e
91d6b3fb51f70a571839685d7c4334d0c6672f98b86799199f8e964f3b7fb755
921517e8366789a69c9ac44e3b0e5411c203374f31868a05ea3fd9b3f47b726c
922372ef42f67f64319797e5d75799ceeb6e58bb937a4ba2cdc2c680b2cc451a
92c5b25edbc4647c55be848b92ea22fd4618cc3252a2364025262e18a7430f84
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
95341489d89aa8908b9abe2e7564d0fa12126317225ff006f626c8b38556b058
988fa32f9f3d00045cf5d10dd6e5a0478f7d5a2401ce8a9d3893e2af4e03c346
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99fd164ba37ba56f07a8da10bf227fbf80f1b139f7b1a43bcddfb7ffcca114c1
9a0cbe1065a9839a06ebe3b99f0013a5902b8ef0319dea3114683c9408887b18
9c1f230112bbd9ef926d03c3c605b4341b1224f8787dd0eb0d8deb889b0c5cf9
9ec67367bb4633b605eebee230a892a4f5b162982141826216b60d27ff5a6234
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a33fdb8eedf83746c794797abf28f759599abeaa2572d5d80b2a54a130c39aa8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5702526838a6eb12aeccef5256084709af4cdbe217bd3f7f405750ef1e64d96
a5d172dfaec916385b694fc9d81e68b3d48b230761d6950bb62a05f27925e417
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a69ce6c7cfb143eee6b93a86ca9e7f6d09fc06582c8995e054229b746264ee28
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aacb5cb33b90766cdfdc6de6f2e5699b34cdffbe3cc734f62ae7d0b4d389515b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aea013fd6ebe719829d6ba1888937eb71b555f57a4b4d16b06265d90f76aa946
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af2ada855d95f876ddd52ebb2cc47a2325b11c0bced191ea898929d6b7afe537
b00fa09fd09d4cdc8ca5370e7cfb564db3ae7769a8a8309573686fd8c55b9561
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b364ae02328a727badd573c04bac17e95abdcb7fd9be61fc7f3d15dff162b7a1
b3916c96656bea206c1f5b3098e81544b462efdb59c1f293317844a42f0a6236
b477057fbd9238d77bfae7d31dd008148100c107e675c29f2662ad93a457aec4
b502ddf7d29f73f9b57ad131c1d5768503cd38eafc1cc7689fbbc3522d82fa74
b701c84841654eec2dacdd9cc42127154282f0ceea6f641b8d0a7192663846ea
b75407bea5ef888425779a54f2dce36419e39863edd48d5cb9508df0dc62402e
b97c699947499350bbff769980ea0a01ffc1fffa62966a403e05078fe8ba480d
b9c77c1a77dc5eb118607db267bcd1123921e64546734eef71e951b9af50b389
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bdd637cb57b622e0d3cf03310ba679307825bfa31a60045ec8a2c6304bd1d7ce
be92320c7984ae31e064c5f373633be2fca3b5b88ef21c2e122103ff90f1f3b8
bf8436a515e4055bc63645c9eb3a2086fafbfdb45128a4d6e0eed96d16e78203
c09b8f03a4e1d4faa97ed93c9b9e3b4141c25829490ff21b4f801e266539a6b9
c0e87b5976ff431e58a44bfdce6d3ecd06be64d7cb988a2659f8f34d469eacbb
c0fb763f2f2e80a902d63860360c9ae467315055f06d4ac3a8cf0bd5982573ef
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1dccae4b5fccd354ba48f106395360b830827f979b278835f0914a35335cc38
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
cd0abd3be5093768ca57b1e5d5dbabe7fda09b8065760b808f94160a14e488be
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
cf39400dc753631915a397967da2fde8d95e89f728e374a08d8c6fd10d4b5971
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1c136bbf5aeebe6ae7449c54739861a4f3a2f9bd5557a77962a0b23aaef54df
d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665
d5f7079468948ddf969e6a4fb397a06775bcc1a5f73e9aa66adf5cc64a68bc3c
d733932f7c22987e4f0e86fb3e3d4b29f22b04d169709e23450a78c1c1b7e594
d7bf272338298682af038c50b5b653335cdf742ded98e1d26c2f07f6195699d1
d8c62b0d4ac621bedd0ca5a4e96b12a77118338d4166f94d65c15bb154d455aa
dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b
dcbbacddddf110cd0b3099a9338995bba0cad05dbb55d275fc72b8e1cfe48af8
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df668e4c0dd6efd1322abdfa418ce2a99f86aedd2c4cede29d347b9a06af2587
dfefc713c8aa5219d62a4a95472c746c14dfcec3fade42c35b21ce8f4e493e48
e20dbdcb8e963b424c0cb14146fb0455a844930c36630f3e1d0b1dd97a6a2d88
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e295ca49c438f26cc28cc6ad767a86fb4b231e3a36b168133920dc99b2ea9d62
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8cdba89cda9fe880f1461f10682443ad92d9eb43df8409b7fcffb844e1f9291
e916d6f3c9c316368f99463951a426d09d4ddd223e961652728b519efb11e772
ea3c429f53f4e67351faa29f143649cbe6c6f1662e7ab88cb9337c6a6616d1cc
eb0c84cbb3d4dfb9025d290b17a422a32a2d8d40f1af786c4fa8f6cf9f8e6750
ec0b5be40b5a1182adcb16274da82c02e5345377475617cac1379c349be5b01f
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee9856e4aaccecbaf5b1715e134c13fdfb0fb4731b4473337cbf98f58c56188c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a035838f2f21c0ff56569ecccbae9f018cf59e988b57a3a496e906b4effe44
f0d88c17cfa7d70f260791623289835e8b6e0ffa7b82f30865b66f93ec18c050
f45228579b3eec5255d1f0a14e59ed0ab9c4bfd3be08a5618ee826aa80483a75
f480ef3f6ce9db3e8547578268f28762d4482cdfd8086061ee3a2df88e3a4780
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f5e038d94254f00ca0c849d9d312b9024811735c4531745167d7b4fa5fe24bfe
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
fa1be5af69f5a893cc18f176431ab54d5f016fd4fa28ecf13eb6709ce4d4b0f6
fa7442fda2d46833d2b3b6085e4cc439b6a53778dcef499de526b9511bfab79a
fb94f25440a627aef0324c8c4c694a78e8427fef4055643657e3f0107b92eb6e
fbf7b5d16731bec08d287cba85ab175d64993360dc821dc27bfabf636786ecbb
fc421bcb696eb55d51dcedcc18f03dcb3ddc57a58c1f3930cb707e74b8898813
fc9dadc2711fcba02331e87c983287b6e35c5a0785d4c0c35a6e210ec42eed81
fcc3eec1d7856056d823ddc2295c8841072f079987b11699d6e73bbec9ec1054
fd48f17f80b82be30ff180c092ddd915df1817ac8baf02e1e5ecbd109f69c205
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.bnnbloomberg.ca Open in urlscan Pro 23.217.175.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

370 Requests

87 %HTTPS

33 %IPv6

69 Domains

127 Subdomains

88 IPs

4 Countries

12057 kBTransfer

24111 kBSize

103 Cookies

4 Outgoing links

Redirected requests

370 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bnnbloomberg.ca Open in urlscan Pro
23.217.175.140 Public Scan

Screenshot
Live screenshot

Full Image

370
Requests

87 %
HTTPS

33 %
IPv6

69
Domains

127
Subdomains

88
IPs

4
Countries

12057 kB
Transfer

24111 kB
Size

103
Cookies

370 HTTP transactions
2 data transactions