urlscan.io logo urlscan.io
SecurityTrails logo

9to5google.com Open in urlscan Pro
192.0.66.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://buff.ly/3DtTV8u
Effective URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Submission Tags: tweet @riskigy #tmobile #breach #googlefi #cybersecurity #riskigy #security #phishing #cyberattack Search All
Submission: On February 02 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 86 IPs in 12 countries across 69 domains to perform 312 HTTP transactions. The main IP is 192.0.66.2, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is 9to5google.com. The Cisco Umbrella rank of the primary domain is 133228.
TLS certificate: Issued by R3 on December 6th 2022. Valid for: 3 months.
This is the only time 9to5google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.13 396982 (GOOGLE-CL...)
20 192.0.66.2 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
20 2a00:1450:400... 15169 (GOOGLE)
1 52.85.5.65 16509 (AMAZON-02)
2 192.0.76.3 2635 (AUTOMATTIC)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.180.230 15169 (GOOGLE)
4 23.203.124.192 16625 (AKAMAI-AS)
3 13.224.195.78 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
3 192.0.77.2 2635 (AUTOMATTIC)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
1 13.225.78.33 16509 (AMAZON-02)
2 130.211.23.194 15169 (GOOGLE)
2 13.225.87.188 16509 (AMAZON-02)
1 15 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 54.228.205.168 16509 (AMAZON-02)
1 3 2620:116:800d... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 4 13.225.78.101 16509 (AMAZON-02)
1 13.224.189.73 16509 (AMAZON-02)
5 13.225.78.65 16509 (AMAZON-02)
1 99.86.4.93 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 13.224.189.79 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2602:803:c003... 26667 (RUBICONPR...)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 34.107.148.139 396982 (GOOGLE-CL...)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 172.64.154.237 13335 (CLOUDFLAR...)
2 9 37.252.173.215 29990 (ASN-APPNEX)
2 18.156.195.47 16509 (AMAZON-02)
4 35.244.159.8 15169 (GOOGLE)
2 52.211.218.241 16509 (AMAZON-02)
18 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
2 23.37.42.132 16625 (AKAMAI-AS)
4 172.64.151.162 13335 (CLOUDFLAR...)
2 2.18.235.93 16625 (AKAMAI-AS)
2 151.101.65.108 54113 (FASTLY)
2 142.251.39.67 15169 (GOOGLE)
2 185.64.189.115 62713 (AS-PUBMATIC)
3 8 104.18.33.19 13335 (CLOUDFLAR...)
3 7 2a00:1450:400... 15169 (GOOGLE)
3 4 37.157.5.142 198622 (ADFORM)
2 2 185.29.132.245 30419 (MEDIAMATH...)
8 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
2 2 213.155.156.164 1299 (TWELVE99 ...)
4 185.64.189.110 62713 (AS-PUBMATIC)
11 21 142.250.184.194 15169 (GOOGLE)
1 1 141.94.171.214 16276 (OVH)
1 52.49.185.121 16509 (AMAZON-02)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 35.204.74.118 396982 (GOOGLE-CL...)
4 35.71.131.137 16509 (AMAZON-02)
7 9 69.173.144.138 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 3 2a05:d018:d29... 16509 (AMAZON-02)
2 4 67.220.224.150 16509 (AMAZON-02)
4 7 52.46.128.147 16509 (AMAZON-02)
3 12 185.80.39.216 27381 (CASALE-MEDIA)
1 2 3.248.39.194 16509 (AMAZON-02)
2 2 135.125.160.77 16276 (OVH)
2 2 52.48.86.28 16509 (AMAZON-02)
1 1 141.226.228.48 200478 (TABOOLA-AS)
2 2 18.156.0.31 16509 (AMAZON-02)
1 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 2600:9000:20e... 16509 (AMAZON-02)
1 1 51.75.86.98 16276 (OVH)
2 2 176.34.141.217 16509 (AMAZON-02)
1 1 37.252.171.149 29990 (ASN-APPNEX)
2 142.251.208.98 15169 (GOOGLE)
15 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 185.64.189.226 62713 (AS-PUBMATIC)
3 198.47.127.20 62713 (AS-PUBMATIC)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 54.85.151.23 14618 (AMAZON-AES)
2 2 151.101.66.49 54113 (FASTLY)
1 2 77.243.60.138 42697 (NETIC-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 52.20.193.33 14618 (AMAZON-AES)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 3 3.68.131.77 16509 (AMAZON-02)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 98.98.134.242 21859 (ZEN-ECN)
1 1 178.62.202.251 14061 (DIGITALOC...)
312 86
1    67.199.248.13 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: cname.bitly.com
buff.ly
20    192.0.66.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
9to5google.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:20::681a:932 (United States)

ASN13335 (CLOUDFLARENET, US)
9to5mac-com.videoplayerhub.com
2    2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
20    2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    52.85.5.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-5-65.sof50.r.cloudfront.net
launcher.spot.im
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
3    2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.180.230 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net
ad.doubleclick.net
4    23.203.124.192 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net
c.amazon-adsystem.com
9    2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i0.wp.com
10    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
contributor.google.com
fundingchoicesmessages.google.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
1    13.225.78.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-33.fra2.r.cloudfront.net
cdn.viglink.com
2    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    13.225.87.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-188.fra2.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
15    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.fi
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    54.228.205.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-205-168.eu-west-1.compute.amazonaws.com
api.viglink.com
3    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
5    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    13.225.78.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-101.fra2.r.cloudfront.net
sb.scorecardresearch.com
1    13.224.189.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-73.fra2.r.cloudfront.net
direct-events-collector.spot.im
5    13.225.78.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-65.fra2.r.cloudfront.net
static-cdn.spot.im
1    99.86.4.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-93.fra6.r.cloudfront.net
publisher-assets.spot.im
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fi
4    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
6    2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2600:9000:20eb:8200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:400d:80e::200e (Ireland)

ASN15169 (GOOGLE, US)
ampcid.google.com
3    13.224.189.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-79.fra2.r.cloudfront.net
api-2-0.spot.im
3    2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
s0.2mdn.net
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.ru
4    2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
2    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
2    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
9    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
nineto5mac-d.openx.net
u.openx.net
2    52.211.218.241 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-218-241.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
18    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
11    2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)
c9de27355b09e872903c5d451751c5c5.safeframe.googlesyndication.com
cdn.ampproject.org
2    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
2    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    142.251.39.67 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f3.1e100.net
p4-fl2x5jekyv4gs-gu22r3htasuh6hle-if-v6exp3-v4.metric.gstatic.com
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
8    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum.casalemedia.com
7    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
8    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.164 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com
d5p.de17a.com
4    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
21    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
1    141.94.171.214 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh
pixel.onaudience.com
1    52.49.185.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-185-121.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
4    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
9    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    67.220.224.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
7    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
12    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    3.248.39.194 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-39-194.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    135.125.160.77 (France)

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu
gu.dyntrk.com
2    52.48.86.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-86-28.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    2600:9000:20eb:8a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
2    176.34.141.217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-141-217.eu-west-1.compute.amazonaws.com
match.360yield.com
1    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    142.251.208.98 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net
googleads4.g.doubleclick.net
15    2a02:26f0:dc:387::21cf (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
client.bannerspace.net
4    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
3    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    54.85.151.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-151-23.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    77.243.60.138 (Norresundby, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    52.20.193.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-193-33.compute-1.amazonaws.com
a.audrte.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
3    3.68.131.77 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-131-77.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
Apex Domain
Subdomains		 Transfer
44 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 184
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
static.doubleclick.net — Cisco Umbrella Rank: 214
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 325
238 KB
39 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
c9de27355b09e872903c5d451751c5c5.safeframe.googlesyndication.com
566 KB
26 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 463
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 450
image6.pubmatic.com — Cisco Umbrella Rank: 733
simage2.pubmatic.com — Cisco Umbrella Rank: 665
image2.pubmatic.com — Cisco Umbrella Rank: 872
aud.pubmatic.com — Cisco Umbrella Rank: 4113
t.pubmatic.com — Cisco Umbrella Rank: 3580
simage4.pubmatic.com — Cisco Umbrella Rank: 1166
image4.pubmatic.com — Cisco Umbrella Rank: 941
177 KB
22 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 472
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 416
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524
dsum.casalemedia.com — Cisco Umbrella Rank: 1385
15 KB
20 9to5google.com
9to5google.com — Cisco Umbrella Rank: 133228
370 KB
16 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 291
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 488
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 902
s.amazon-adsystem.com — Cisco Umbrella Rank: 271
59 KB
15 bannerspace.net
client.bannerspace.net — Cisco Umbrella Rank: 30903
260 KB
14 google.com
contributor.google.com — Cisco Umbrella Rank: 11342
adservice.google.com — Cisco Umbrella Rank: 70
ampcid.google.com — Cisco Umbrella Rank: 2213
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1957
www.google.com — Cisco Umbrella Rank: 2
10 KB
13 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 454
eus.rubiconproject.com — Cisco Umbrella Rank: 537
token.rubiconproject.com — Cisco Umbrella Rank: 548
pixel.rubiconproject.com — Cisco Umbrella Rank: 308
20 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
acdn.adnxs.com — Cisco Umbrella Rank: 534
secure.adnxs.com — Cisco Umbrella Rank: 409
44 KB
11 gstatic.com
fonts.gstatic.com
p4-fl2x5jekyv4gs-gu22r3htasuh6hle-if-v6exp3-v4.metric.gstatic.com
151 KB
11 spot.im
launcher.spot.im — Cisco Umbrella Rank: 4646
direct-events-collector.spot.im — Cisco Umbrella Rank: 3785
static-cdn.spot.im — Cisco Umbrella Rank: 3765
publisher-assets.spot.im — Cisco Umbrella Rank: 4004
api-2-0.spot.im — Cisco Umbrella Rank: 2588
91 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 358
218 KB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 76
782 KB
7 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1129
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414
ups.analytics.yahoo.com — Cisco Umbrella Rank: 274
3 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
region1.google-analytics.com — Cisco Umbrella Rank: 2456
21 KB
5 viglink.com
cdn.viglink.com — Cisco Umbrella Rank: 8869
api.viglink.com — Cisco Umbrella Rank: 12507
31 KB
5 wp.com
stats.wp.com — Cisco Umbrella Rank: 2634
i0.wp.com — Cisco Umbrella Rank: 2986
pixel.wp.com — Cisco Umbrella Rank: 2462
63 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
jnn-pa.googleapis.com — Cisco Umbrella Rank: 189
32 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 198
29 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 304
1 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 568
2 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 577
cdn.indexww.com — Cisco Umbrella Rank: 1508
3 KB
4 openx.net
nineto5mac-d.openx.net — Cisco Umbrella Rank: 84150
u.openx.net — Cisco Umbrella Rank: 640
693 B
4 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2676
casale-match.dotomi.com — Cisco Umbrella Rank: 2524
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3016
1 KB
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1116
contextual.media.net — Cisco Umbrella Rank: 563
18 KB
4 google.fi
adservice.google.fi — Cisco Umbrella Rank: 81116
940 B
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 148
1 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 789
api.btloader.com — Cisco Umbrella Rank: 909
13 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 281
1 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 979
pixel.quantserve.com — Cisco Umbrella Rank: 676
cms.quantserve.com — Cisco Umbrella Rank: 632
11 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 186
124 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
188 KB
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22942
498 B
2 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2249
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1110
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 556
741 B
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2166
790 B
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 283
40 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 470
1 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1019
843 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 197
2 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3641
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4143
562 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 453
1 KB
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 626
447 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 912
1 KB
2 videoplayerhub.com
9to5mac-com.videoplayerhub.com — Cisco Umbrella Rank: 107083
742 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1938
555 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 601
191 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 741
763 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 2435
382 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 651
632 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1401
524 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 725
338 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 685
442 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1836
173 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 25077
269 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 919
178 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 353
924 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 767
610 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 757
265 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2833
551 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 696
363 B
1 google.ru
ampcid.google.ru — Cisco Umbrella Rank: 388287
367 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 904
633 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 858
606 B
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 1758
5 KB
1 buff.ly
buff.ly — Cisco Umbrella Rank: 61247
254 B
312 69
Domain Requested by
21 cm.g.doubleclick.net 11 redirects 9to5google.com
googleads.g.doubleclick.net
20 pagead2.googlesyndication.com 9to5google.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
20 9to5google.com 9to5google.com
18 tpc.googlesyndication.com googleads.g.doubleclick.net
9to5google.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
15 client.bannerspace.net s0.2mdn.net
client.bannerspace.net
13 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.youtube.com
googleads.g.doubleclick.net
9to5google.com
12 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
10 cdn.ampproject.org securepubads.g.doubleclick.net
9 ib.adnxs.com 2 redirects ads.pubmatic.com
acdn.adnxs.com
googleads.g.doubleclick.net
9 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
8 simage2.pubmatic.com ads.pubmatic.com
8 www.youtube.com 9to5google.com
www.youtube.com
7 s.amazon-adsystem.com 4 redirects 9to5google.com
ssum-sec.casalemedia.com
7 www.google.com 3 redirects 9to5google.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
7 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
9to5google.com
5 pixel.rubiconproject.com 3 redirects 9to5google.com
5 static-cdn.spot.im launcher.spot.im
static-cdn.spot.im
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
9to5google.com
4 cdnjs.cloudflare.com s0.2mdn.net
4 aax-eu.amazon-adsystem.com 2 redirects 9to5google.com
ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 match.adsrvr.org ads.pubmatic.com
9to5google.com
ssum-sec.casalemedia.com
4 image2.pubmatic.com ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 jnn-pa.googleapis.com www.youtube.com
4 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 adservice.google.fi pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 sb.scorecardresearch.com 2 redirects 9to5google.com
4 api.viglink.com cdn.viglink.com
9to5google.com
4 ads.pubmatic.com 9to5google.com
ads.pubmatic.com
3 x.bidswitch.net 3 redirects
3 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
3 api-2-0.spot.im static-cdn.spot.im
3 www.googletagservices.com 9to5google.com
googleads.g.doubleclick.net
3 i0.wp.com 9to5google.com
3 c.amazon-adsystem.com 9to5google.com
c.amazon-adsystem.com
3 www.googletagmanager.com 9to5google.com
www.googletagmanager.com
2 cr.frontend.weborama.fr 1 redirects
2 a.audrte.com 1 redirects
2 uipglob.semasio.net 1 redirects
2 sync-tm.everesttech.net 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 t.pubmatic.com ads.pubmatic.com
2 googleads4.g.doubleclick.net 9to5google.com
2 match.360yield.com 2 redirects
2 s0.2mdn.net 9to5google.com
s0.2mdn.net
2 ups.analytics.yahoo.com 2 redirects
2 cdn.indexww.com ssum-sec.casalemedia.com
2 match.prod.bidr.io 2 redirects
2 gu.dyntrk.com 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 visitor.fiftyt.com 2 redirects
2 d5p.de17a.com 2 redirects
2 sync.mathtag.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 p4-fl2x5jekyv4gs-gu22r3htasuh6hle-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-fl2x5jekyv4gs-gu22r3htasuh6hle-if-v6exp3-v4.metric.gstatic.com
2 u.openx.net ads.pubmatic.com
2 acdn.adnxs.com ads.pubmatic.com
2 contextual.media.net ads.pubmatic.com
2 js-sec.indexww.com ads.pubmatic.com
2 eus.rubiconproject.com ads.pubmatic.com
eus.rubiconproject.com
2 ads.yieldmo.com ads.pubmatic.com
2 nineto5mac-d.openx.net ads.pubmatic.com
2 c2shb.ssp.yahoo.com ads.pubmatic.com
2 htlb.casalemedia.com ads.pubmatic.com
2 web.hb.ad.cpe.dotomi.com ads.pubmatic.com
2 prebid.media.net ads.pubmatic.com
2 hbopenbid.pubmatic.com ads.pubmatic.com
2 fastlane.rubiconproject.com ads.pubmatic.com
2 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
2 api.btloader.com 9to5mac-com.videoplayerhub.com
2 ad-delivery.net 9to5google.com
2 btloader.com 9to5google.com
2 9to5mac-com.videoplayerhub.com 2 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pixel-sync.sitescout.com
1 pubmatic-match.dotomi.com
1 image4.pubmatic.com
1 p.rfihub.com 1 redirects
1 mwzeom.zeotap.com
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 secure.adnxs.com 1 redirects
1 onetag-sys.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 tr.blismedia.com googleads.g.doubleclick.net
1 euexchangesync.digitaleast.mobi 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 sync.taboola.com 1 redirects
1 px.ads.linkedin.com 9to5google.com
1 um.simpli.fi ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 pixel.onaudience.com 1 redirects
1 cms.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 c9de27355b09e872903c5d451751c5c5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ampcid.google.ru www.google-analytics.com
1 static.doubleclick.net www.youtube.com
1 pixel.quantserve.com 9to5google.com
1 fundingchoicesmessages.google.com 9to5google.com
1 ampcid.google.com www.google-analytics.com
1 rules.quantcount.com secure.quantserve.com
1 region1.google-analytics.com www.googletagmanager.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 publisher-assets.spot.im launcher.spot.im
1 direct-events-collector.spot.im launcher.spot.im
1 contributor.google.com www.googletagmanager.com
1 secure.quantserve.com www.googletagmanager.com
1 pixel.wp.com 9to5google.com
1 cdn.viglink.com 9to5google.com
1 secure.gravatar.com 9to5google.com
1 ad.doubleclick.net 9to5google.com
1 stats.wp.com 9to5google.com
1 launcher.spot.im 9to5google.com
1 fonts.googleapis.com 9to5google.com
1 buff.ly 1 redirects
312 119
Subject Issuer Validity Valid
9to5google.com
R3		 2022-12-06 -
2023-03-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.spot.im
Amazon		 2022-10-04 -
2023-11-01		 a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-21 -
2023-03-21		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-23 -
2023-12-24		 a year crt.sh
viglink.com
Amazon		 2022-10-13 -
2023-11-11		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2022-12-18 -
2023-03-18		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.fi
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
quantserve.com
R3		 2023-01-10 -
2023-04-10		 3 months crt.sh
*.google.com.ru
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-05-31 -
2023-07-02		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-12-27 -
2023-06-21		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.yieldmo.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-12-14 -
2023-03-14		 3 months crt.sh
werelddeal.klm.com
Sectigo RSA Organization Validation Secure Server CA		 2023-01-12 -
2024-01-12		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh

This page contains 42 frames:

Primary Page: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Frame ID: 53B97C0929E6A1AD8C73B16A8FF18A0E
Requests: 124 HTTP requests in this frame

Frame: https://www.youtube.com/embed/pL2fbFuYs3o?playlist=Y3s2I-Wba9M,qqquCQAwX7Y,uaPMn28AGhw,iTwylmWhJv8,9dVvqU2TBts,4KxBvWbSo4M,PP_1HVcEsLQ,gKRNnsDJXxw,hnOCTZdDflE
Frame ID: 41B87178533182811D6E70EB47D8C045
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230131/r20190131/zrt_lookup.html
Frame ID: C885DDD4A925247E51096C024D229D34
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&adk=1812271804&adf=3025194257&lmt=1675365320&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=140x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365320307&bpp=5&bdt=869&idt=328&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5406572892927&frm=20&pv=2&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=384
Frame ID: 2BFD5335B65BCBE6A8647912580855C8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=466652548&adf=2529329910&w=336&fwrn=4&fwrnh=100&lmt=1675365320&rafmt=1&format=336x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365320312&bpp=4&bdt=874&idt=383&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MLjQwElv39&p=https%3A//9to5google.com&dtd=388
Frame ID: 1B388CBDB1C2FE0516568EC96586062C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Frame ID: 0FEA5F4C0A7D3C1FEC40CB1D070E17FA
Requests: 1 HTTP requests in this frame

Frame: https://c9de27355b09e872903c5d451751c5c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 99CAEC3282AC2F6FA9CBD49B003007C7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 41EF6D9324F28C4FCC2F8F772F4520D5
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7987051E116BC338CF05C5A9EEA58BA2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Frame ID: 620B0B67672476A827C82A37CA2F6C5D
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUOZ495Q&prvid=2034%2C2011%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C178%2C233%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C2025%2C237%2C117%2C3014%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C261%2C141%2C222%2C201%2C3007%2C246%2C301%2C4%2C203%2C225%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 821D6D9B5BBE5D599309DC5F5562D255
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 387F32C87EAC3BD2F20C2BFC5C54FB00
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUOZ495Q&prvid=2034%2C2011%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C178%2C233%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C2025%2C237%2C117%2C3014%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C261%2C141%2C222%2C201%2C3007%2C246%2C301%2C4%2C203%2C225%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: FF9BE039E7877B647BB0E25E2EF6B590
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4130CAE07086FD8D6F10F29AC3F00C4C
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: B5B8FE7380B83B0AFA3B8F10C6E2DBD5
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7EA0F56F49C69A996FE7697C6FE67D5D
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 0E52B2629E504BB3372C3F155744D2EC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Frame ID: 14D38E822027BA135961D727D8B381C1
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E06AD399E7EA7933608ED4BE4F13CC48
Requests: 2 HTTP requests in this frame

Frame: https://p4-fl2x5jekyv4gs-gu22r3htasuh6hle-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 7997EAF9575D2D85C7480A6955548F96
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 33A04C7F5FA3F6267810C95E16443E86
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 9601567E2DA210FC009F124A176EA2EA
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs
Frame ID: E87B3EBAA5296BEA381CBE9F9E336CE0
Requests: 12 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3883BA43-0F03-41DD-930F-D0B82E6F9611&gdpr=0&gdpr_consent=
Frame ID: 1D86D5D65018EDB961E37B9050099812
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a94e63dc-0bcb-4100-90f2-9df540b3008a&gdpr=0&gdpr_consent=
Frame ID: E7076346E474758DBDEB8F4CFC03278E
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 999386480CEEABF28414F9C2A2627B2F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3663462214792805106
Frame ID: 7AD17DE949D1F3AF3DA591780755BC65
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VHZv7FInaLZPdGnpAyYm61YgP-tPdzLpWyD5Fjsk
Frame ID: B4A56874DE43DD93658A9AB406DF3256
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4320526026636815619&gdpr=0&gdpr_consent=
Frame ID: 0F6C593411551ADD0C8084C2CF3469D9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs
Frame ID: 82C35B25FD31996E7B0ECF8A604F1DD0
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChC5pA4YoffA3QEwAQ&v=APEucNWRfoIaZeWnX2XOL7eIoy8wMEhu_YeYl4Ym3lCkzPl8CTvR9xEL8tKJ8wwwf6nGsCJh3LKKQdErW5NcoJT8B-y7oS0kEPFqzyc0F6GiczCSQqcF5fsLOkDKCDhvLD135YQkmrML7xW25QyzKtSsVkkIC-ryjX38IYQGnnfVaSDe1VJP9xU
Frame ID: 68242607D71FF8F231E9562A095E3FEF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: CA3FFADDFCCB2D7F618713614212F20C
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: AA6110F6A1B529714D67D8750FFB24A8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 90BB3DFDAB6F2B4F15E263FCF989A8CC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 85C78D63BD40026416FC5AAD359BFA8C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18195187998165275087/index.html
Frame ID: 8CF81D36B5556609BB8D322AC7E28FAA
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BB9D67961507545BED05DFF63F35ECD3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B33735255675F471DEFF7E498F98A479
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3883BA43-0F03-41DD-930F-D0B82E6F9611&redir=true&gdpr=0&gdpr_consent=
Frame ID: 93CF7C81E8A21D7F31347683A014174C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7195639279748053147&gdpr=0&gdpr_consent=
Frame ID: A9A46436AA1D8C9723A81857DBF52BAD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=XfmeCcReQqx0ai5eOx9bDcIihpQ&gdpr=0&gdpr_consent=
Frame ID: 2699A1A848DAB35ED4BCD5E981DC29EE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9wLzQAAATZt_wAF&gdpr=1&gdpr_consent=&_test=Y9wLzQAAATZt_wAF
Frame ID: 17681B54FDC03523B93AEC325449A4D7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Google Fi seemingly affected by T-Mobile data breachGoogle News

Page URL History Show full URLs

  1. https://buff.ly/3DtTV8u HTTP 301
    https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

312
Requests

84 %
HTTPS

33 %
IPv6

69
Domains

119
Subdomains

86
IPs

12
Countries

3577 kB
Transfer

9934 kB
Size

85
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://buff.ly/3DtTV8u HTTP 301
    https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://9to5mac-com.videoplayerhub.com/gallery.js?ver=6.1.1 HTTP 301
  • https://btloader.com/tag?h=9to5mac-com&upapi=true
Request Chain 27
  • https://9to5mac-com.videoplayerhub.com/gallery.js?ver=6.1.1 HTTP 301
  • https://btloader.com/tag?h=9to5mac-com&upapi=true
Request Chain 69
  • https://sb.scorecardresearch.com/b?c1=2&c2=20278522&ns__t=1675365320458&ns_c=UTF-8&c8=Google%20Fi%20seemingly%20affected%20by%20T-Mobile%20data%20breach&c7=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20278522&ns__t=1675365320458&ns_c=UTF-8&c8=Google%20Fi%20seemingly%20affected%20by%20T-Mobile%20data%20breach&c7=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&c9=
Request Chain 94
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 158
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 160
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 164
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 179
  • https://c1.adform.net/serving/cookie/match?party=14&cid=3883BA43-0F03-41DD-930F-D0B82E6F9611&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3883BA43-0F03-41DD-930F-D0B82E6F9611&gdpr=0&gdpr_consent=
Request Chain 180
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a94e63dc-0bcb-4100-90f2-9df540b3008a&gdpr=0&gdpr_consent=
Request Chain 182
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3663462214792805106
Request Chain 183
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VHZv7FInaLZPdGnpAyYm61YgP-tPdzLpWyD5Fjsk
Request Chain 184
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4320526026636815619&gdpr=0&gdpr_consent=
Request Chain 185
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OIO6Qw8DQd2TD9C4Lm-WEQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 186
  • https://pixel.onaudience.com/?partner=214&mapped=3883BA43-0F03-41DD-930F-D0B82E6F9611&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=ea8ef65c3272da3a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Request Chain 187
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3883BA43-0F03-41DD-930F-D0B82E6F9611&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3883BA43-0F03-41DD-930F-D0B82E6F9611&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3883BA43-0F03-41DD-930F-D0B82E6F9611&addseg=25
Request Chain 188
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mzg4M0JBNDMtMEYwMy00MURELTkzMEYtRDBCODJFNkY5NjEx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGFahsTxXDrZB-VxVoJF0to&google_cver=1
Request Chain 191
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=934466441402492417
Request Chain 193
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDNH97L7-1N-3FHK
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPJX75Cq1t6fZJ4K6LOswLQ&google_cver=1
Request Chain 195
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/5WRfJnFOvlA43nJEWHkRgcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_veOqENE2oK4STANDVHFuoifIZZJy_GFi6sJfg--~A
Request Chain 197
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WtgD0kj1QNWWqnWQskFaUg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WtgD0kj1QNWWqnWQskFaUg
Request Chain 198
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEROSDk3TDctMU4tM0ZISw==
Request Chain 199
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2MzNTY2Yjg0ZmJjOTAwMjgxNzZiYmNjYWQyYmI3NWY0ZTkwM2IwNA
Request Chain 200
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jzcIlOyQTLGaCFSm-Gj5fw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jzcIlOyQTLGaCFSm-Gj5fw
Request Chain 202
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y9wLyoymbtqZLuTnnu8t6wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB_0b9kBDle0vGJ8OYRXejo&google_cver=1
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y9wLyoymbtqZLuTnnu8t6wAAArkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFEUWpUMFCdgSjhItXRbU6E&google_cver=1
Request Chain 204
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9wLyoymbtqZLuTnnu8t6wAAArkAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9wLyoymbtqZLuTnnu8t6wAAArkAAAAB&dcc=t
Request Chain 205
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=14ca63dc-0bcb-4d00-b55d-327ab5569635
Request Chain 206
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y9wLyoymbtqZLuTnnu8t6wAA%26697?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y9wLyoymbtqZLuTnnu8t6wAA%26697
Request Chain 207
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 208
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AANaYU7HuBgAAB9G0iX3zw&expiration=1676574922
Request Chain 211
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y9wLyqTeI5eU1jeEeS8DGAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB_0b9kBDle0vGJ8OYRXejo&google_cver=1
Request Chain 212
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9wLyqTeI5eU1jeEeS8DGAAAApsAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9wLyqTeI5eU1jeEeS8DGAAAApsAAAIB&dcc=t
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y9wLyqTeI5eU1jeEeS8DGAAAApsAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFEUWpUMFCdgSjhItXRbU6E&google_cver=1
Request Chain 214
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y9wLyqTeI5eU1jeEeS8DGAAA%26667 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=9b4e07c0-9eb7-44f2-9ce4-13fe385544a3-tuctad5914a
Request Chain 215
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y9wLyqTeI5eU1jeEeS8DGAAAApsAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y9wLyqTeI5eU1jeEeS8DGAAAApsAAAIB
Request Chain 216
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1675451722
Request Chain 217
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=19e86ced-3438-4b1e-935c-e9bef0a99943
Request Chain 239
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_0b9kBDle0vGJ8OYRXejo&google_cver=1
Request Chain 240
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9wLyoymbtqZLuTnnu8t6wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_0b9kBDle0vGJ8OYRXejo&google_cver=1
Request Chain 241
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECGv9LHt-8IaoD4IlmVE-jM&google_cver=1
Request Chain 242
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyMDUyNjAyNjYzNjgxNTYxOQ%3D%3D
Request Chain 246
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 247
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 256
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDpMnwegEaohHsnEHYAAhWs&google_cver=1&google_push=Aa02lx_12htzLWJTt4NEIMSL7nbW79tt2SlCvslToLcdESD0lH9JJDZojlw-pAJWEwRlKU0rHRxKR1_FwJOrMAD0cZA2elxfNfbFkA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEROSDk3TDctMU4tM0ZISw==&google_push=Aa02lx_12htzLWJTt4NEIMSL7nbW79tt2SlCvslToLcdESD0lH9JJDZojlw-pAJWEwRlKU0rHRxKR1_FwJOrMAD0cZA2elxfNfbFkA
Request Chain 257
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECJtboIVgce74VUyL7Q_TpA&google_cver=1&google_push=Aa02lx_93euSYirkgmtZ2oX1dN5GiJOvDDe6kQXJ-BFi4dOCqB4mPatJ4lbvHcCEuw0GMB5Gz_FYgbsZxWMfGAaB-UlkN-HgCqrDdQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECJtboIVgce74VUyL7Q_TpA&google_hm=Y9wLyqTeI5eU1jeEeS8DGAAAApsAAAIB&google_nid=index&google_push=Aa02lx_93euSYirkgmtZ2oX1dN5GiJOvDDe6kQXJ-BFi4dOCqB4mPatJ4lbvHcCEuw0GMB5Gz_FYgbsZxWMfGAaB-UlkN-HgCqrDdQ
Request Chain 258
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEP2wi8jmFdEQWB4QhObuPSo&google_cver=1&google_push=Aa02lx_ZQM6HGmgIWWYM7qu1tVY_HF2zrNUr5YEhM2At8yaPRgJH8WGVP1CwfQYLWBnwh3cPVW94LkO74_U4Aelt95H49ZBaTV09aQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_ZQM6HGmgIWWYM7qu1tVY_HF2zrNUr5YEhM2At8yaPRgJH8WGVP1CwfQYLWBnwh3cPVW94LkO74_U4Aelt95H49ZBaTV09aQ
Request Chain 259
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBsG-W1dMQraEL4S209eF-s&google_cver=1&google_push=Aa02lx-GCG-xnKF2T5Vq7SaVX1r6D3GMsHU7Hg36np-y19WHi9lY2EUlpTn50Lo-0ldWATMYU0xSotG-HXJB8LV7oNsM8WmE2jjZhQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-GCG-xnKF2T5Vq7SaVX1r6D3GMsHU7Hg36np-y19WHi9lY2EUlpTn50Lo-0ldWATMYU0xSotG-HXJB8LV7oNsM8WmE2jjZhQ
Request Chain 260
  • https://match.360yield.com/match/ebda?google_gid=CAESENyPi0nIfkqHZA5eAL8qi-w&google_cver=1&google_push=Aa02lx-rsgOEYGOYh8Rzo7Ey1ZX2EgggvLEGTY8jx001PA2XCit96CqgkxNXr_w2reJBvAEsX7NWKw51baxsKwefktaEjdloUrtA4A HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENyPi0nIfkqHZA5eAL8qi-w&google_cver=1&google_push=Aa02lx-rsgOEYGOYh8Rzo7Ey1ZX2EgggvLEGTY8jx001PA2XCit96CqgkxNXr_w2reJBvAEsX7NWKw51baxsKwefktaEjdloUrtA4A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=88GiOrVXT-SyVk8INxZYQQ&google_push=Aa02lx-rsgOEYGOYh8Rzo7Ey1ZX2EgggvLEGTY8jx001PA2XCit96CqgkxNXr_w2reJBvAEsX7NWKw51baxsKwefktaEjdloUrtA4A
Request Chain 261
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELAGC49bhrKaIYK3k9B2WSk&google_cver=1&google_push=Aa02lx8jQ1BLukEZuz2bLePdbcgTOMJ8fSbRLZsu6v-YKUba5tnHiD7MP-9pOCNXEsHsOO7WzbHDbGBu_QLo713MwZX94piIowVmnQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDMyMDUyNjAyNjYzNjgxNTYxOQ%3D%3D&google_gid=CAESELAGC49bhrKaIYK3k9B2WSk&google_cver=1&google_push=Aa02lx8jQ1BLukEZuz2bLePdbcgTOMJ8fSbRLZsu6v-YKUba5tnHiD7MP-9pOCNXEsHsOO7WzbHDbGBu_QLo713MwZX94piIowVmnQ
Request Chain 285
  • https://sb.scorecardresearch.com/c2/20278522/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 304
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7195639279748053147&gdpr=0&gdpr_consent=
Request Chain 305
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=XfmeCcReQqx0ai5eOx9bDcIihpQ&gdpr=0&gdpr_consent=
Request Chain 306
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Y9wLzQAAATZt_wAF HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9wLzQAAATZt_wAF&gdpr=1&gdpr_consent=&_test=Y9wLzQAAATZt_wAF
Request Chain 307
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3883BA43-0F03-41DD-930F-D0B82E6F9611&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3883BA43-0F03-41DD-930F-D0B82E6F9611&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 309
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=3883BA43-0F03-41DD-930F-D0B82E6F9611 HTTP 302
  • https://a.audrte.com/p
Request Chain 310
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3667257824
Request Chain 311
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433826301371471&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=04014986-0eba-466a-aff0-c516ed5a13ef&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 313
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3883BA43-0F03-41DD-930F-D0B82E6F9611&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-kG7DhvdE2uXA5q0F9dc153edlXE4QiM-~A&gdpr=0
Request Chain 316
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9234bece-ce30-4f4d-85d0-d09cadab0186&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

312 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Redirect Chain
  • https://buff.ly/3DtTV8u
  • https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
97 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
367da94b0805fe0720fc87c6a119ffa3287883600f71fefe53284d227ac4fefe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=300, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 02 Feb 2023 19:15:19 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://9to5google.com/wp-json/>; rel="https://api.w.org/" <https://9to5google.com/wp-json/wp/v2/posts/550903>; rel="alternate"; type="application/json" <https://9to5google.com/?p=550903>; rel=shortlink
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache
miss
x-distributor
yes
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
arn1 0 4 9980

Redirect headers

cache-control
private, max-age=90
content-length
151
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Thu, 02 Feb 2023 19:15:18 GMT
location
https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
referrer-policy
unsafe-url
server
nginx
adsbygoogle.js
9to5google.com/wp-content/themes/9to5-2015/assets/js/ 		21 B
155 B 		Script
General
Check archive.org
Download Go to
Full URL
https://9to5google.com/wp-content/themes/9to5-2015/assets/js/adsbygoogle.js
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:19 GMT
x-rq
arn1 0 4 9980
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Nov 2022 19:39:42 GMT
server
nginx
age
6714495
etag
"63695efe-15"
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21
expires
Fri, 02 Feb 2024 19:15:19 GMT
/
9to5google.com/_static/ 		108 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://9to5google.com/_static/??-eJyNj9EOgjAMRX/I0aAJ6IPxW0bXwLSMZS0x+3sHRgOJDz7e9p72XnhG4wPy7EgARcB5Ueh4wodh3yWbMohmpmr0oSqGA2yJu8BIzltiGinoTkS2mZJh6i3m//Cy2+odhFPQ9cVsIs+9DwJCNuEAxFbUY0z0yb8USWWs5EycRMW8G61N5HeWhcFySTwaHcr/r+82XuumPZ6bU1tfXieLcfE=
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b395a9adbc18174a906ebe2c585487fc17c24c5a6976b8f4e1b67cc7cb0ba804
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:19 GMT
x-rq
arn1 0 4 9980
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 04 Jan 2023 20:21:59 GMT
server
nginx
age
174227
vary
Accept-Encoding
x-cache
hit
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15666
darkmode.css
9to5google.com/wp-content/themes/9to5-2015/assets/css/ 		41 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://9to5google.com/wp-content/themes/9to5-2015/assets/css/darkmode.css?m=1674153555g
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
87d200b2913e86f1402caa9485683207064daaa4ffa44edc2e91f9164e04fa38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:19 GMT
x-rq
arn1 0 4 9980
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 18:39:15 GMT
server
nginx
age
234552
etag
W/"63c98e53-a500"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5622
expires
Fri, 02 Feb 2024 19:15:19 GMT
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c38d26434ae7eb5e6c35db3038c1365c838952713ac97d2f2f1e82f3a8750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://9to5google.com/
Origin
https://9to5google.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 02 Feb 2023 19:15:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 02 Feb 2023 19:05:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Feb 2023 19:15:19 GMT
/
9to5google.com/_static/ 		425 KB
84 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://9to5google.com/_static/??-eJyVjMEKgCAQBX8o24ysPETfIraQpBa8jejvi4Lu3R7MzKNjU37NwllIZk4MsrIaVVfakANYQB4gxOCX8l4F/SnUY/zr5IyMMoX8ZSH7uE/88slhDvfRp4xp0G3XtNbYXl8A9EjG
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
509e5acf0b7b0ec6f47344db8156e6a61efc34e1c52e6c8908495e086615003b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:19 GMT
x-rq
arn1 0 4 9980
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 26 Jan 2023 01:19:41 GMT
server
nginx
age
498111
vary
Accept-Encoding
x-cache
hit
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
85879
/
9to5google.com/_static/ 		103 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://9to5google.com/_static/??/wp-includes/js/jquery/jquery.min.js,/wp-includes/js/jquery/jquery-migrate.min.js,/wp-content/themes/9to5-2015/assets/js/vendor/darkmode.js?m=1674153555j
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fe1f6d4d5f315c6c76f7c83531880a198f90af3eae5b1f4333d047ced3083a41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:19 GMT
x-rq
arn1 0 4 9980
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 18:39:15 GMT
server
nginx
age
498111
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
35805
tag
btloader.com/
Redirect Chain
  • https://9to5mac-com.videoplayerhub.com/gallery.js?ver=6.1.1
  • https://btloader.com/tag?h=9to5mac-com&upapi=true
14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=9to5mac-com&upapi=true
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d26cf72408010e44483b8286769e5fefdb067d62753e9431af3b82a37f48917b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:19 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Feb 2023 18:20:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3278
etag
W/"86cc76c76647d940589403bfe4f150c1"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FAxEeNZZTashdGnEn4PZYDm2UNXn8vZgBAG07tsr4TzpbBfQ1A%2BO5ZvsTfaPUauUJsYTkvIw3B9E0YUtpYJelvpOnk%2BfOJuGOKHrrz4zC1%2F6YjRDN2rsGbisv%2FmyqXDvnNInYDHUNiiPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
793541401919d943-HEL

Redirect headers

date
Thu, 02 Feb 2023 19:15:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHx6zMRc51MQ3UaYCNBbSbr2fV5OVAQoxuzGY8asdlWn1c8KX2LIsnfAGg4vEfcWapC8QxEUcuTQE5b9514XKuRSJOeRvHBaL7T19ySbHk8JXPmKullCCw6IklBtGk8OIhnwYfoDy7iRCPEskfXfEbdZ%2FPgOTcXoDl%2FqKg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=9to5mac-com&upapi=true
cache-control
max-age=3600
cf-ray
7935413f5a7fdf68-HEL
expires
Thu, 02 Feb 2023 20:15:19 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc004cd658bbfc9de2c0c6c887be9e848c8311d631057e128269c979c0ae05c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50106
x-xss-protection
0
server
cafe
etag
9841532016598735900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 19:15:20 GMT
cropped-new-9to5-google-logo.png
9to5google.com/wp-content/uploads/sites/4/2018/10/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9to5google.com/wp-content/uploads/sites/4/2018/10/cropped-new-9to5-google-logo.png
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
052de6675c51ba85ae7e985de0fa1b3de9bfed30ab5f50ed1b694f1b62b2928f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:19 GMT
strict-transport-security
max-age=31536000
x-rq
arn1 109 27 443
last-modified
Wed, 20 Jul 2022 17:10:04 GMT
server
nginx
etag
"9347ba2f67dcaace"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9954
expires
Thu, 20 Jul 2023 17:10:04 GMT
sp_rVSSRN5u
launcher.spot.im/spot/ 		84 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launcher.spot.im/spot/sp_rVSSRN5u
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.5.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-5-65.sof50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d941ab98bb52ea16daa41cea3fdb27d0fd233490e208bacac0b8b1b1e588240

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
F2Rjv2FxtXWiRNEvy0JT5TgiBlAzZo2L
content-encoding
br
via
1.1 6cb2159131a7fce812d93d19590bd616.cloudfront.net (CloudFront)
date
Thu, 02 Feb 2023 19:15:21 GMT
x-amz-cf-pop
SOF50-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
21555
last-modified
Thu, 02 Feb 2023 18:24:27 GMT
server
AmazonS3
etag
"567939bb86bbf80cf5ac435b05fee232"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
hDpsC-P_fUhc8SUd9cPPJQu_EVc8jZdEnJTMT_qlz1tePz1UQMXQmA==
vip-powered-light-small.png
9to5google.com/wp-content/mu-plugins/vip-helpers/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9to5google.com/wp-content/mu-plugins/vip-helpers/images/vip-powered-light-small.png?ver=20220317
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2e4d08fe871a7738aa3b3dcb95cfbd0e071765fcc681d17e37f12cd34b443066
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:19 GMT
x-rq
arn1 0 4 9980
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 22 Nov 2022 17:53:04 GMT
server
nginx
age
56617
etag
W/"637d0c80-843"
x-cache
hit
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2138
expires
Fri, 02 Feb 2024 19:15:19 GMT
/
9to5google.com/_static/ 		80 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://9to5google.com/_static/??-eJyVzjsSwjAMBNALYUQAw1AwnAUcQRRsyWPJYeD0fAsKCtJtsW9n4ZJdEDZkA+swocLGxLv5rPGwV0VT6BWStFiYbsVJtVxt2usE/qNMjCZHGnCaiEdA4iMxGToNRWL8pXOsJ2KFXLWr+Yne6btLHGJt8TUZJKWHcwVzvI68MyC3UkCNwvl6INOP36Vts1ovG7/w3vd37g94lQ==
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6c43edec8d8e4c1dc0fd7a49bc480082390ad590dd9d5ff510980ae328c9b8e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:19 GMT
x-rq
arn1 0 4 9980
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 18:39:15 GMT
server
nginx
age
52928
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
24099
mediaelement-and-player.min.js
9to5google.com/wp-includes/js/mediaelement/ 		154 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://9to5google.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:19 GMT
x-rq
arn1 0 4 9980
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 04 Jan 2023 20:21:59 GMT
server
nginx
age
56617
etag
W/"63b5dfe7-26935"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
38823
expires
Fri, 02 Feb 2024 19:15:19 GMT
/
9to5google.com/_static/ 		2 KB
957 B 		Script
General
Check archive.org
Download Go to
Full URL
https://9to5google.com/_static/??-eJzTLy/QzcxLzilNSS3WzyrWz01NyUxMzUnNTc0rQeHo5mamFyWWpOrlZubpZRXr6OPTCJRD5kP12OfaGpqZG1mYGZsbWmYBAA7kLGY=
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
62d7063193d6e769104780b14db028cc0a725a4e074ffd59711fcd054c800795
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:19 GMT
x-rq
arn1 0 4 9980
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 04 Jan 2023 20:21:59 GMT
server
nginx
age
234552
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
921
e-202305.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202305.js
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc
HIT arn
date
Thu, 02 Feb 2023 19:15:19 GMT
content-encoding
br
server
nginx
etag
W/"62f6b688-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Wed, 24 Jan 2024 05:54:37 GMT
gtm.js
www.googletagmanager.com/ 		193 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-THGGVXB
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9b7351ebc60bac39b44ab2ae8aab65bbad91852b2e108211520b6782e1e45c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70299
x-xss-protection
0
last-modified
Thu, 02 Feb 2023 18:21:29 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Feb 2023 19:15:20 GMT
gtm.js
www.googletagmanager.com/ 		123 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W5LZ9VX
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9fa97e776595432f6aea07a74bb410bb746d7fd0e4e324c3717db153bf83e5a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44144
x-xss-protection
0
last-modified
Thu, 02 Feb 2023 18:15:57 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Feb 2023 19:15:20 GMT
wp-emoji-release.min.js
9to5google.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://9to5google.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:19 GMT
x-rq
arn1 0 4 9980
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 04 Jan 2023 20:21:59 GMT
server
nginx
age
52928
etag
W/"63b5dfe7-48b9"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5004
expires
Fri, 02 Feb 2024 19:15:19 GMT
px.gif
ad-delivery.net/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
244970
x-guploader-uploadid
ADPycdtergD3LR9P6Kfnb_cw3TwIRFZgSpTmw5QPadRjzeeUf7L7PZfNEcWh19jk51kJZ3BXPP6Gdi-eM34PseEauenjuusgzhnc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyCt7lrct8mWngtcoYlcyF9k9woDwyx6ilDWlSlNgXf7PFfrPT5Fe%2F2U1V8V1FdNrV%2BvcI%2F78LzxLwCwAgEBOsFxl6s2XsuQbVXtyBZnIx3XkYr0omLamShKc6TGrXFVBtVWkEYJ%2FYVSG5Ysrg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
79354141bf3fdf68-HEL
expires
Mon, 30 Jan 2023 23:22:39 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:27:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17291
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Feb 2023 14:27:09 GMT
px.gif
ad-delivery.net/ 		43 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.5885451108662747
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
244970
x-guploader-uploadid
ADPycdtergD3LR9P6Kfnb_cw3TwIRFZgSpTmw5QPadRjzeeUf7L7PZfNEcWh19jk51kJZ3BXPP6Gdi-eM34PseEauenjuusgzhnc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qw70bJp%2B8UYzMoT1Z3qZ7ssdFTS2qqCKQhAT95WzQhXqDQ3sfct1cw2EGHiZCu8pD8UuNh1eQBlpAixSiCDK%2FyH6JBzRHl0oLnsIXmbpNKkUxuynK65UxRdDIsFPIqPcRdQqXT3DYgJPqsOUjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
79354141bf43df68-HEL
expires
Mon, 30 Jan 2023 23:22:39 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161751/6840/ 		473 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
13f8cd8875ae6aaee24c8be69c7ace951a9a6cf798747b8db1ff5ce31d5f4acc

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:20 GMT
content-encoding
gzip
last-modified
Fri, 07 Oct 2022 19:59:37 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=90469
accept-ranges
bytes
content-length
143056
expires
Fri, 03 Feb 2023 20:23:09 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		193 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc063466fc42fe1b789888a932cc7f3a8bdde1c2d70a8a04b4d9896975620da7

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 18:22:22 GMT
content-encoding
gzip
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront), 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
last-modified
Wed, 01 Feb 2023 21:25:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
3179
x-amz-server-side-encryption
AES256
etag
W/"a32dad266af898d87dd85cf65ca93536"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
84dvmAR-B2FCR3ky4d9diStV2AxkxWYQ0N7nCGbQ364dKRuOrx-vXg==
svg-sprite-2020.svg
9to5google.com/wp-content/themes/9to5-2015/images/ 		75 KB
22 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://9to5google.com/wp-content/themes/9to5-2015/images/svg-sprite-2020.svg?ver=1674153556
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
11a3e2f84a2f9d98bfc3a089636bc2740572f27b94ef649b6a56c6432ba5af95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:19 GMT
content-encoding
gzip
x-rq
arn1 0 4 9980
last-modified
Thu, 19 Jan 2023 18:39:16 GMT
server
nginx
strict-transport-security
max-age=31536000
age
315
etag
W/"63c98e54-12bb2"
vary
X-Mobile-Class
x-cache
grace
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
22685
expires
Fri, 02 Feb 2024 19:15:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://9to5google.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 11:48:56 GMT
x-content-type-options
nosniff
age
285984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 11:48:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://9to5google.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 15:23:02 GMT
x-content-type-options
nosniff
age
273138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 15:23:02 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://9to5google.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 01:58:46 GMT
x-content-type-options
nosniff
age
62194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 01:58:46 GMT
tag
btloader.com/
Redirect Chain
  • https://9to5mac-com.videoplayerhub.com/gallery.js?ver=6.1.1
  • https://btloader.com/tag?h=9to5mac-com&upapi=true
14 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=9to5mac-com&upapi=true
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d26cf72408010e44483b8286769e5fefdb067d62753e9431af3b82a37f48917b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:19 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Feb 2023 18:20:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3278
etag
W/"86cc76c76647d940589403bfe4f150c1"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJJVdfJ1I4E42YesNY9iqpVUeagrV0Rd2ptV0z1fMxXngX16uqoatVgQPeP0Fy2TxvWUfzEkD%2Fs4Kk7UPN3rmeASqvDlZucARyI7nqamaQd94lfhau20rM%2FWkUIRViijHKIs383EhoPE%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
79354141cd13d943-HEL

Redirect headers

date
Thu, 02 Feb 2023 19:15:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rU%2Bk2%2FPfwfJhWQ%2FujjDNPmHsOrJPwbgId40bAhS790YIbZffwq%2FEYOHRrio%2FmdAcyMI9ZK8m3Cpcr5nIzJuHBkTaf1BHC3aNRTrkaxeLlh9OXVGddrl4yIzl7sqaf%2FfOynRKjLQCQD2pOQTHtDTT9U2nQco4aB9z2ZOb8g%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=9to5mac-com&upapi=true
cache-control
max-age=3600
cf-ray
793541414e59df68-HEL
expires
Thu, 02 Feb 2023 20:15:19 GMT
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
185b37f6935a30be6a5e613ef0f18ca43622a0a62964e1ed88f8bd96c03830d6

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		15 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5958b8a9d0305d805f41bae7c315e34e46b76a1bab8f530b5cf9711a6e45862

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc8a74cc1c2bd638de7ac7e7cdb1839c18dd964fedbcf22697b882238245b97a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
top-leaderboard-bg.png
9to5google.com/wp-content/themes/9to5-2015/images/ 		374 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9to5google.com/wp-content/themes/9to5-2015/images/top-leaderboard-bg.png
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
96f3b885965ded818806762fde9e7a2dba777005f479d30a6496af7aebbd5ea5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:19 GMT
x-rq
arn1 0 4 9980
strict-transport-security
max-age=31536000
last-modified
Mon, 12 Sep 2022 21:00:07 GMT
server
nginx
age
12278856
etag
"631f9dd7-176"
x-cache
hit
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
374
expires
Fri, 02 Feb 2024 19:15:19 GMT
QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v18/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://9to5google.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 17:08:43 GMT
x-content-type-options
nosniff
age
7597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19292
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:12:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 17:08:43 GMT
9to5.woff2
9to5google.com/wp-content/themes/9to5-2015/assets/fonts/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://9to5google.com/wp-content/themes/9to5-2015/assets/fonts/9to5.woff2?r027eh
Requested by
Host: 9to5google.com
URL: https://9to5google.com/_static/??-eJyVjMEKgCAQBX8o24ysPETfIraQpBa8jejvi4Lu3R7MzKNjU37NwllIZk4MsrIaVVfakANYQB4gxOCX8l4F/SnUY/zr5IyMMoX8ZSH7uE/88slhDvfRp4xp0G3XtNbYXl8A9EjG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
59b4588816ca9e84d8033925306d2f62e55a2e9e3ca96352256c82aa06f825cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://9to5google.com/_static/??-eJyVjMEKgCAQBX8o24ysPETfIraQpBa8jejvi4Lu3R7MzKNjU37NwllIZk4MsrIaVVfakANYQB4gxOCX8l4F/SnUY/zr5IyMMoX8ZSH7uE/88slhDvfRp4xp0G3XtNbYXl8A9EjG
Origin
https://9to5google.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
age
315
x-cache
grace
content-length
2287
x-rq
arn1 0 4 9980
last-modified
Thu, 19 Jan 2023 18:39:15 GMT
server
nginx
etag
W/"63c98e53-8d8"
vary
X-Mobile-Class
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Feb 2024 19:15:19 GMT
KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://9to5google.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 20:08:48 GMT
x-content-type-options
nosniff
age
428792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17508
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jan 2024 20:08:48 GMT
KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://9to5google.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 01:55:47 GMT
x-content-type-options
nosniff
age
148773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17336
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Feb 2024 01:55:47 GMT
google-fi-mvno-cover-3.jpeg
i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2021/04/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2021/04/google-fi-mvno-cover-3.jpeg?w=2000&quality=82&strip=all&ssl=1
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
28069363314d1047b29df125b048596e641973c1d885b10040440de1f1a75459
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc
HIT arn 1
date
Thu, 02 Feb 2023 19:15:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 29 Jan 2023 13:26:03 GMT
server
nginx
etag
"bba68a02afbffcef"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://9to5google.com/wp-content/uploads/sites/4/2021/04/google-fi-mvno-cover-3.jpeg>; rel="canonical"
content-length
48684
expires
Wed, 29 Jan 2025 01:26:03 GMT
pL2fbFuYs3o
www.youtube.com/embed/ Frame 41B8 		43 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/pL2fbFuYs3o?playlist=Y3s2I-Wba9M,qqquCQAwX7Y,uaPMn28AGhw,iTwylmWhJv8,9dVvqU2TBts,4KxBvWbSo4M,PP_1HVcEsLQ,gKRNnsDJXxw,hnOCTZdDflE
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
28d1ce65e8581699ad8a443547cfd978b052316e77b3936c05c5ca42d57cfa44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9to5google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 19:15:20 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fi for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		102 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
442d89f52e547c09e65138356e0500d4d34f44d43177425ba08050c0f32bd011

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
text/css;charset=UTF-8
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://9to5google.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 02:07:02 GMT
x-content-type-options
nosniff
age
61698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 02:07:02 GMT
google_fi_3.jpg
9to5google.com/wp-content/uploads/sites/4/2018/11/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9to5google.com/wp-content/uploads/sites/4/2018/11/google_fi_3.jpg?quality=82&strip=all&w=290&h=145&crop=1
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ac6670e91963e7c337c31b6690debfbf9d31fdb3158070629a8e5691cce4ac61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:20 GMT
strict-transport-security
max-age=31536000
x-rq
arn1 109 28 443
last-modified
Tue, 24 Jan 2023 12:26:44 GMT
server
nginx
etag
"61935082051328f4"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7794
expires
Wed, 24 Jan 2024 12:26:44 GMT
53c3eccb0df53253da7fb21049b682a7
secure.gravatar.com/avatar/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/53c3eccb0df53253da7fb21049b682a7?s=128&d=mm&r=r
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82542050d660c4a966c91b010ca530bb44ee7f51d40abaa789032ca0c943edb7

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc
HIT arn 4
date
Thu, 02 Feb 2023 19:15:20 GMT
last-modified
Thu, 21 Mar 2019 17:02:54 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="53c3eccb0df53253da7fb21049b682a7.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/53c3eccb0df53253da7fb21049b682a7?s=128&d=mm&r=r>; rel="canonical"
content-length
5225
expires
Thu, 02 Feb 2023 19:20:20 GMT
galaxy-watch-5-blue-1-1.jpg
i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2022/08/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2022/08/galaxy-watch-5-blue-1-1.jpg?resize=300%2C175&quality=82&strip=all&ssl=1
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
2a0c76409e0c1df95cffa13f03111eb4d749077b253568060b36f81dd721f4de
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc
HIT arn 8
date
Thu, 02 Feb 2023 19:15:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 18:53:00 GMT
server
nginx
etag
"1971de775420631c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://9to5google.com/wp-content/uploads/sites/4/2022/08/galaxy-watch-5-blue-1-1.jpg>; rel="canonical"
content-length
6642
expires
Thu, 29 Aug 2024 06:53:00 GMT
pixel-watch-concentric-2.jpg
i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2022/10/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2022/10/pixel-watch-concentric-2.jpg?resize=300%2C175&quality=82&strip=all&ssl=1
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
3d0cb392628858977666615ad34a5e37cb52f338aafaaac8dea67f513f6b630c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc
HIT arn 5
date
Thu, 02 Feb 2023 19:15:20 GMT
x-content-type-options
nosniff
last-modified
Sat, 03 Dec 2022 14:45:40 GMT
server
nginx
etag
"f31da28f3469abc6"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://9to5google.com/wp-content/uploads/sites/4/2022/10/pixel-watch-concentric-2.jpg>; rel="canonical"
content-length
5538
expires
Tue, 03 Dec 2024 02:45:40 GMT
vglnk.js
cdn.viglink.com/api/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-33.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d107166ca632d15c63b84b8e79c75dfc9cd9619e6461b489f458180c8f4682e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 11:52:48 GMT
content-encoding
gzip
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
last-modified
Thu, 02 Feb 2023 11:51:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
26553
etag
"5ba7d3fdae893214c48304ec6b0ac421"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
28945
x-amz-cf-id
4u4FxibOSejwmU6ndMHY5NEevTo2D02LNU74yS-mMDMhV31Fsz-Hbg==
g.gif
pixel.wp.com/ 		50 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=146091833&post=550903&tz=-8&srv=9to5google.com&hp=vip&j=1%3A11.7.1&host=9to5google.com&ref=&fcp=1290&rand=0.5067752340330138
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 02 Feb 2023 19:15:20 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
Galaxy-S23-Ultra-Pixel-7-Pro-3.jpg
9to5google.com/wp-content/uploads/sites/4/2023/02/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9to5google.com/wp-content/uploads/sites/4/2023/02/Galaxy-S23-Ultra-Pixel-7-Pro-3.jpg?quality=82&strip=all&w=1280
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8ef0a9115545b0547425ced87931c7d8cfbb2f988be7c1882e83918a9181180f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:20 GMT
strict-transport-security
max-age=31536000
x-rq
arn1 109 198 443
last-modified
Thu, 02 Feb 2023 17:12:31 GMT
server
nginx
etag
"730a2c1c39b0edd1"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
29792
expires
Fri, 02 Feb 2024 17:12:31 GMT
Android-13-post-launch-logo-1.jpg
9to5google.com/wp-content/uploads/sites/4/2022/08/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9to5google.com/wp-content/uploads/sites/4/2022/08/Android-13-post-launch-logo-1.jpg?quality=82&strip=all&w=1280
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d1c84b77733dc7ac43e71a7007b2dea57b29e7a3b86df34dfd14b833275002bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:20 GMT
strict-transport-security
max-age=31536000
x-rq
arn1 109 139 443
last-modified
Wed, 01 Feb 2023 19:27:09 GMT
server
nginx
etag
"ab687d365e6cc794"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
24586
expires
Thu, 01 Feb 2024 19:27:09 GMT
Samsung-XR-Android.jpg
9to5google.com/wp-content/uploads/sites/4/2023/02/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9to5google.com/wp-content/uploads/sites/4/2023/02/Samsung-XR-Android.jpg?quality=82&strip=all&w=1280
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d11694cecfbc5e4bea373a6996b0b3aa5fe8177c4db76db321eafcf02b4221e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:20 GMT
strict-transport-security
max-age=31536000
x-rq
arn1 109 196 443
last-modified
Wed, 01 Feb 2023 18:54:52 GMT
server
nginx
etag
"83862de45102992f"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
29824
expires
Thu, 01 Feb 2024 18:54:52 GMT
galaxy-s23-series-1.jpg
9to5google.com/wp-content/uploads/sites/4/2023/02/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9to5google.com/wp-content/uploads/sites/4/2023/02/galaxy-s23-series-1.jpg?quality=82&strip=all&w=1280
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
babb32c829d4a4d5af37ce9046ddfe32208265bf3726fb16e207f1de8169c09f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:20 GMT
strict-transport-security
max-age=31536000
x-rq
arn1 109 142 443
last-modified
Wed, 01 Feb 2023 19:09:55 GMT
server
nginx
etag
"ce027783ba6f61a7"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12250
expires
Thu, 01 Feb 2024 19:09:55 GMT
country
api.btloader.com/ 		16 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: 9to5mac-com.videoplayerhub.com
URL: https://9to5mac-com.videoplayerhub.com/gallery.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
0276c38bdce11b6761cc269e4ad45e261b186650699db6a481c7df95173d04e9

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:20 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=OMcLopHvn&w=5671021014155264&o=5740908856213504&cv=2.1.06-2-g014272c&r=false&vr=1600x1200&pageURL=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&sid=MMCWcD4EV&upapi=true
Requested by
Host: 9to5mac-com.videoplayerhub.com
URL: https://9to5mac-com.videoplayerhub.com/gallery.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 02 Feb 2023 19:15:20 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
config
c.amazon-adsystem.com/cdn/prod/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2F9to5google.com&pubid=fee31bcb-d8b7-4565-8a5b-b1097e207e11
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 18:13:55 GMT
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
3685
x-cache
Hit from cloudfront
access-control-allow-origin
https://9to5google.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
Aj24mM4cim4cMZiUsPKdHyUFIKNuDs38NU1hFTOHYbNjcx6oXYTzFQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&pid=GZqXkQ4p02YaZ&cb=0&ws=1600x1200&v=23.127.1625&t=2000&slots=%5B%7B%22sd%22%3A%22%2F1049447%2F9to5google-300x250-TopSidebarMain-R%22%2C%22s%22%3A%5B%22300x250%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22div-gpt-ad-1%22%7D%5D&pubid=fee31bcb-d8b7-4565-8a5b-b1097e207e11&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-188.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:20 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C2
x-amz-rid
047TR3X2F255ETKZ1YKW
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://9to5google.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
QmMjxfXak59Ra9Y8MpY-9euIkG4oqEXXZczxXlaP9o8VzjLTIv_3gg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding
gzip
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
date
Thu, 02 Feb 2023 05:04:02 GMT
x-amz-cf-pop
FRA2-C1
age
51079
x-cache
Hit from cloudfront
last-modified
Fri, 23 Dec 2022 01:05:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
D6g_PA1-6-9onp03lvRtOboDZvUKZOd1R_5TUqt442cDgbMa0CCsaQ==
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/ 		359 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8513483021683571&plah=9to5google.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2a69a76db29280ea1efc7c070e7307204598f88121b69e07c50ec8c219999d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120764
x-xss-protection
0
server
cafe
etag
15811522622171214973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 19:15:20 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230131/r20190131/ Frame C885 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230131/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9to5google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

age
16489
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 14:40:31 GMT
etag
10353107486223812946
expires
Thu, 16 Feb 2023 14:40:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04502778c5b4d93eb6f499b2d2173aa4d65ce81954d35db476ee2ab206f73e6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27270
x-xss-protection
0
server
sffe
etag
"1471 / 772 of 1000 / last-modified: 1675339640"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Feb 2023 19:15:20 GMT
www-player.css
www.youtube.com/s/player/dac945fd/ Frame 41B8 		360 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/dac945fd/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/pL2fbFuYs3o?playlist=Y3s2I-Wba9M,qqquCQAwX7Y,uaPMn28AGhw,iTwylmWhJv8,9dVvqU2TBts,4KxBvWbSo4M,PP_1HVcEsLQ,gKRNnsDJXxw,hnOCTZdDflE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdea712f7fa78d05c22445fca3113c61dbc4430adc496ace58a72dd601870251
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.youtube.com/embed/pL2fbFuYs3o?playlist=Y3s2I-Wba9M,qqquCQAwX7Y,uaPMn28AGhw,iTwylmWhJv8,9dVvqU2TBts,4KxBvWbSo4M,PP_1HVcEsLQ,gKRNnsDJXxw,hnOCTZdDflE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:41:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
30805
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49943
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 01:18:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 02 Feb 2024 10:41:55 GMT
www-embed-player.js
www.youtube.com/s/player/dac945fd/www-embed-player.vflset/ Frame 41B8 		343 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/dac945fd/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/pL2fbFuYs3o?playlist=Y3s2I-Wba9M,qqquCQAwX7Y,uaPMn28AGhw,iTwylmWhJv8,9dVvqU2TBts,4KxBvWbSo4M,PP_1HVcEsLQ,gKRNnsDJXxw,hnOCTZdDflE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20fe3b7758001893052f543475659ed408f077a1a756057b5f2bddb42df38053
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.youtube.com/embed/pL2fbFuYs3o?playlist=Y3s2I-Wba9M,qqquCQAwX7Y,uaPMn28AGhw,iTwylmWhJv8,9dVvqU2TBts,4KxBvWbSo4M,PP_1HVcEsLQ,gKRNnsDJXxw,hnOCTZdDflE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 05:40:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
48907
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109695
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 01:18:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 02 Feb 2024 05:40:13 GMT
base.js
www.youtube.com/s/player/dac945fd/player_ias.vflset/fi_FI/ Frame 41B8 		2 MB
601 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/dac945fd/player_ias.vflset/fi_FI/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/pL2fbFuYs3o?playlist=Y3s2I-Wba9M,qqquCQAwX7Y,uaPMn28AGhw,iTwylmWhJv8,9dVvqU2TBts,4KxBvWbSo4M,PP_1HVcEsLQ,gKRNnsDJXxw,hnOCTZdDflE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0931402f65c46abd8b54c41cf4ec1b4b41f9f3480c79035cb756995bb7e3ebaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.youtube.com/embed/pL2fbFuYs3o?playlist=Y3s2I-Wba9M,qqquCQAwX7Y,uaPMn28AGhw,iTwylmWhJv8,9dVvqU2TBts,4KxBvWbSo4M,PP_1HVcEsLQ,gKRNnsDJXxw,hnOCTZdDflE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 16:51:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
267837
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
614851
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 01:18:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Jan 2024 16:51:23 GMT
fetch-polyfill.js
www.youtube.com/s/player/dac945fd/fetch-polyfill.vflset/ Frame 41B8 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/dac945fd/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/pL2fbFuYs3o?playlist=Y3s2I-Wba9M,qqquCQAwX7Y,uaPMn28AGhw,iTwylmWhJv8,9dVvqU2TBts,4KxBvWbSo4M,PP_1HVcEsLQ,gKRNnsDJXxw,hnOCTZdDflE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.youtube.com/embed/pL2fbFuYs3o?playlist=Y3s2I-Wba9M,qqquCQAwX7Y,uaPMn28AGhw,iTwylmWhJv8,9dVvqU2TBts,4KxBvWbSo4M,PP_1HVcEsLQ,gKRNnsDJXxw,hnOCTZdDflE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 09:17:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
35841
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2786
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 01:18:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 02 Feb 2024 09:17:59 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 41B8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/pL2fbFuYs3o?playlist=Y3s2I-Wba9M,qqquCQAwX7Y,uaPMn28AGhw,iTwylmWhJv8,9dVvqU2TBts,4KxBvWbSo4M,PP_1HVcEsLQ,gKRNnsDJXxw,hnOCTZdDflE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 13:18:51 GMT
x-content-type-options
nosniff
age
280589
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 13:18:51 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 41B8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/pL2fbFuYs3o?playlist=Y3s2I-Wba9M,qqquCQAwX7Y,uaPMn28AGhw,iTwylmWhJv8,9dVvqU2TBts,4KxBvWbSo4M,PP_1HVcEsLQ,gKRNnsDJXxw,hnOCTZdDflE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:11:58 GMT
x-content-type-options
nosniff
age
21802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 13:11:58 GMT
ping
api.viglink.com/api/ 		288 B
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/ping
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.205.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-205-168.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
90f9a59759b42823c1a345951cfa99b4eff67f2087692d975a2f2ed6ab7a7720

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:20 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://9to5google.com
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
288
Expires
Thu, 01 Jan 1970 00:00:00 GMT
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THGGVXB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8c979ed3785f184174cba3c38dd0ebbd5b244add676982d9aeafb57b3e53b1a4

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:20 GMT
content-encoding
gzip
etag
"j4o3/UzQJzEULY/aoGayAw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 09 Feb 2023 19:15:20 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THGGVXB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Feb 2023 18:54:50 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1230
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 02 Feb 2023 20:54:50 GMT
js
www.googletagmanager.com/gtag/ 		215 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D2FJXCHD85&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5LZ9VX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9616a3531ab06e77e0d897c5733bbf342515cf74a95500fdd46bcb14c7b1b69a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77024
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 02 Feb 2023 19:15:20 GMT
loader.js
contributor.google.com/scripts/16178437623bc61c/ 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://contributor.google.com/scripts/16178437623bc61c/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THGGVXB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorContributorHttp/cspreport, script-src 'report-sample' 'nonce-Y8Mw0hXdURLZs23OnFh9Qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorContributorHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorContributorHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorContributorHttp/cspreport, script-src 'report-sample' 'nonce-Y8Mw0hXdURLZs23OnFh9Qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorContributorHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorContributorHttp/cspreport/allowlist
x-content-type-options
nosniff
date
Thu, 02 Feb 2023 06:49:57 GMT
age
44723
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Fri, 02 Feb 2024 06:49:57 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=20278522&ns__t=1675365320458&ns_c=UTF-8&c8=Google%20Fi%20seemingly%20affected%20by%20T-Mobile%20data%20breach&c7=https%3A%2F%2F9to5google.com%2F2023%2F01%...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20278522&ns__t=1675365320458&ns_c=UTF-8&c8=Google%20Fi%20seemingly%20affected%20by%20T-Mobile%20data%20breach&c7=https%3A%2F%2F9to5google.com%2F2023%2F01...
0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=20278522&ns__t=1675365320458&ns_c=UTF-8&c8=Google%20Fi%20seemingly%20affected%20by%20T-Mobile%20data%20breach&c7=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&c9=
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Server
13.225.78.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-101.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:20 GMT
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
hdIGmGHpqJJkRUg5ouS7SIdfRfKHhYRQpP21eTfJzYB8c2fmIjD6Dw==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=20278522&ns__t=1675365320458&ns_c=UTF-8&c8=Google%20Fi%20seemingly%20affected%20by%20T-Mobile%20data%20breach&c7=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&c9=
date
Thu, 02 Feb 2023 19:15:20 GMT
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
0
x-amz-cf-id
EvVgYddBE7_xN7HLh3yNnsuDoRS944EwBf7XZBsKFRxH9EsYHEMoLA==
x-cache
Miss from cloudfront
events
direct-events-collector.spot.im/api/v2/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rVSSRN5u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-73.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 02 Feb 2023 19:15:20 GMT
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
oznpPInqAfbWmtiHKxpF-SIVBkdpVYs_uSJxX-B8LJsmKNfhLYg_Lg==
x-cache
Miss from cloudfront
971-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.0.39-beta-hotfix/launcher/ 		60 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.0.39-beta-hotfix/launcher/971-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rVSSRN5u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-65.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
678c921ec9968495bf1bf8f9fe1a356c0293569814bcd9d8a837423a35d35a6e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 16:36:25 GMT
content-encoding
br
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
x-amz-version-id
LFcvklddU7lkQXoCKXd1HfQhECZg2YYq
x-amz-cf-pop
FRA2-C2
age
787136
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
18027
last-modified
Tue, 24 Jan 2023 16:15:22 GMT
server
AmazonS3
etag
"cc45c43c2d691261c94c6bf8ca0dbe3f"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
F917F14msf2_LkJJbnho3vFDtXV2Tu809WFnLO4Ozzwwjb17V6PUuA==
561-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.0.39-beta-hotfix/launcher/ 		99 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.0.39-beta-hotfix/launcher/561-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rVSSRN5u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-65.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc1a332ce0647cda82518800a1b603315365649019d38a2fe27d02a790066e76

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 16:36:25 GMT
content-encoding
br
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
x-amz-version-id
mHxNLwQKUdW0objZz0attQ_jqPT85hsA
x-amz-cf-pop
FRA2-C2
age
787136
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
28100
last-modified
Tue, 24 Jan 2023 16:15:22 GMT
server
AmazonS3
etag
"32f34adf1748b667d4894c2cf995263a"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
MNHF2HjZXUgIIXuPLJWsOF7L9iTj2REudligb-3f3i63c7NfUvizSw==
830-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.0.39-beta-hotfix/launcher/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.0.39-beta-hotfix/launcher/830-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rVSSRN5u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-65.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f8edee7bf0e2766a48361e76b2dd3e5b43c28796e93ca46ef479e28b605a58d5

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 16:36:25 GMT
content-encoding
br
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
x-amz-version-id
gvnU2C2PFoK2syn6.khpr3i8rf0lrHmy
x-amz-cf-pop
FRA2-C2
age
787136
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
2982
last-modified
Tue, 24 Jan 2023 16:15:22 GMT
server
AmazonS3
etag
"4560819e170b6e8e69c7ebd8875b3505"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
JlY_UU2AcfwWusrgSXUvTWJhOplIVh8AsUbPBN--8zw_O8rJmobtCw==
initial-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.0.39-beta-hotfix/launcher/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.0.39-beta-hotfix/launcher/initial-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rVSSRN5u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-65.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c60b9fdd3bf8ac55bfdbbbba6a04c732b567e6330af2ffc4e2dfe3b99341f6a4

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 21:02:00 GMT
content-encoding
br
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
x-amz-version-id
GWJT5QVu6PytnOKfreHbJeq1iTWXjk0d
x-amz-cf-pop
FRA2-C2
age
512001
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
8784
last-modified
Tue, 24 Jan 2023 16:15:22 GMT
server
AmazonS3
etag
"0f92134830e8f7f5c564650c8d0a1427"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
W1LRGvRM_0T3uo4x5VdHQXsR08LvgxbWFTsB1RA_9l6zk38xF_AL4g==
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rVSSRN5u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-93.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 04:55:31 GMT
via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
51590
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html
accept-ranges
bytes
content-length
0
x-amz-cf-id
_ABE4BRjTgm6aMiv9UHjrRBQw8czaLVAccUhfBtta6Bt8oa_gi8y-w==
cookie.js
partner.googleadservices.com/gampad/ 		395 B
606 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=9to5google.com&callback=_gfp_s_&client=ca-pub-8513483021683571
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8513483021683571&plah=9to5google.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43b4b03c4d2e960e357d3984b5e10f8a9953309ce0d6bf909c753241dee5b947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
254
x-xss-protection
0
integrator.js
adservice.google.fi/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fi/adsid/integrator.js?domain=9to5google.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8513483021683571&plah=9to5google.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=9to5google.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8513483021683571&plah=9to5google.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&tn=HEADER&id=js-site-header&cls=site-header%20js-header-normal&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2BFD 		6 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&adk=1812271804&adf=3025194257&lmt=1675365320&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=140x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365320307&bpp=5&bdt=869&idt=328&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5406572892927&frm=20&pv=2&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=384
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8513483021683571&plah=9to5google.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
447d86ae49eafdf98c0b29671cc846a788222f964ff52086814a2e8614b5f17e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9to5google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
847
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 19:15:20 GMT
expires
Thu, 02 Feb 2023 19:15:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1B38 		85 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=466652548&adf=2529329910&w=336&fwrn=4&fwrnh=100&lmt=1675365320&rafmt=1&format=336x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365320312&bpp=4&bdt=874&idt=383&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MLjQwElv39&p=https%3A//9to5google.com&dtd=388
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8513483021683571&plah=9to5google.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7dc0cc49d4fb83ecb1982d12480ef700877d0afa7cff0db4224de27186f9695
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9to5google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
32305
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 19:15:21 GMT
expires
Thu, 02 Feb 2023 19:15:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D2FJXCHD85&gtm=2oe210&_p=296853756&cid=602077083.1675365321&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675365320&sct=1&seg=0&dl=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&dt=Google%20Fi%20seemingly%20affected%20by%20T-Mobile%20data%20breach&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D2FJXCHD85&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://9to5google.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2023013001.js
securepubads.g.doubleclick.net/gpt/ 		386 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31f3e28cb913fc9229304149e55fc4cabf206f707d068f05554692f38ea2f358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 16:09:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270359
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133639
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 09:35:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 30 Jan 2024 16:09:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		162 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=9to5google.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d320910eb20c3179d95a6110f64c2eb0c949b1cb0738d841fbe50cf3769aba15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91
x-xss-protection
0
expires
Thu, 02 Feb 2023 19:15:20 GMT
rules-p-18TTuBOnUhD7c.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-18TTuBOnUhD7c.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d99c54706e25070dbe3551052474c0ea16b30bc5ed0cd908ae0cbbf903723706

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 18:37:25 GMT
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
2280
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:17:51 GMT
server
AmazonS3
etag
"5bf9ece14f1402b9d9ef75c1c1280a16"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
9jPosY_CDZNjPrxfzbwwyNJDxuC6nP2DMZ7Xlc4g5DvvVVg6en9w-Q==
publisher:getClientId
ampcid.google.com/v1/ 		74 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f5c4b08e25c86c8e2155f7fb34c0213ba67d57226ddd803a486fa69f8d32ec38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Feb 2023 19:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://9to5google.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
sync.js
api.viglink.com/api/ 		43 B
390 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/sync.js?key=b8f771eed689587b82c4635131ce08d7
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.205.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-205-168.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:20 GMT
Server
Apache-Coyote/1.1
Content-Type
image/gif;charset=UTF-8
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.gif
api.viglink.com/api/ 		43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.viglink.com/api/sync.gif?key=b8f771eed689587b82c4635131ce08d7
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.205.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-205-168.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:20 GMT
Server
Apache-Coyote/1.1
Content-Type
image/gif;charset=UTF-8
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
domains
api.viglink.com/api/ 		80 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.205.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-205-168.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a03691c034b8eadcbc99e08afcd61d6ba543188acc5ca2f2093e30f981335f1d

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:20 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://9to5google.com
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
80
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sprite.svg
static-cdn.spot.im/production/icons/sprites/ 		23 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/icons/sprites/sprite.svg
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.0.39-beta-hotfix/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-65.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
769317f76d7d2670d9445ac516c6888967c310c6c4df441799946b37bf8d8af8

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 05:08:04 GMT
x-amz-version-id
gJImWiUZ43TZkUACGUvnT4BAL8Ytwpd5
content-encoding
br
last-modified
Wed, 11 May 2022 08:57:43 GMT
server
AmazonS3
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"5a00ba991fdd7fb0f560fb63f2f832e0"
age
50838
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-replication-status
COMPLETED
x-amz-cf-id
9D9DSNhh8udlG1yy7vVC2ju8DYD-KmUgohfxVpYy1eJLQlbCWmBtSw==
device-load
api-2-0.spot.im/v1.0.0/ 		36 B
926 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/device-load
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.0.39-beta-hotfix/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-79.fra2.r.cloudfront.net
Software
fasthttp /
Resource Hash
80698d1f9cc6895344c4c9dc75abba4a5aa73beac1f73921a41ee1c897b8acfd

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:21 GMT
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
x-spotim-device-uuid
7f457bdf-2457-43f7-84fd-54321dcc44e5
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-length
36
x-guid
7f457bdf-2457-43f7-84fd-54321dcc44e5
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://9to5google.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
x-amz-cf-id
5HVK--ozICYGChepQuFmVNEJH5QRxEV9gDaxN-c6ih3NH8u0Yx_7Jg==
AGSKWxWRVgQCrTV_0WPnzTWF3pp4HU_BShilvG1NAl0BI-0eVz8C-Hc_nhshMHlZ1UFSL_20vwgW_meSnZ-_43iw
fundingchoicesmessages.google.com/f/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWRVgQCrTV_0WPnzTWF3pp4HU_BShilvG1NAl0BI-0eVz8C-Hc_nhshMHlZ1UFSL_20vwgW_meSnZ-_43iw
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c6014d76cf41bc1b56bfe998e818bea77d75dd36e1a1ea869d23540cbf7bf0d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-opFk_O7egymWds8X5g8Z-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:21 GMT
content-security-policy
script-src 'report-sample' 'nonce-opFk_O7egymWds8X5g8Z-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel;r=1388878664;source=gtm;rf=0;a=p-18TTuBOnUhD7c;url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F;uht=2;fpan=1;fpa=P0-183991031-1675365320782;pbc=;ns=0;ce=1;...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1388878664;source=gtm;rf=0;a=p-18TTuBOnUhD7c;url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F;uht=2;fpan=1;fpa=P0-183991031-1675365320782;pbc=;ns=0;ce=1;qjs=1;qv=c1229512-20230130173030;cm=;gdpr=0;ref=;d=9to5google.com;dst=0;et=1675365321034;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.Google%20Fi%20seemingly%20affected%20by%20latest%20T-Mobile%20data%20breach%2Cdescription.Google%20Fi%20has%20notified%20customers%20of%20a%20data%20breach%20that%20exposed%20technical%20informa%2Curl.https%3A%2F%2F9to5google%252Ecom%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F%2Csite_name.9to5Google%2Cimage.https%3A%2F%2Fi0%252Ewp%252Ecom%2F9to5google%252Ecom%2Fwp-content%2Fuploads%2Fsites%2F4%2F2021%2F04%2Fgoogle-fi-mv%2Cimage%3Awidth.3000%2Cimage%3Aheight.1500%2Cimage%3Atype.image%2Fjpeg;ses=0fae2c7a-b1cb-4a2e-ba67-f262ad5f9eb5
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:21 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 41B8
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/pL2fbFuYs3o?playlist=Y3s2I-Wba9M,qqquCQAwX7Y,uaPMn28AGhw,iTwylmWhJv8,9dVvqU2TBts,4KxBvWbSo4M,PP_1HVcEsLQ,gKRNnsDJXxw,hnOCTZdDflE
Protocol
H3
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
baba187fae460bf41e69bd48fb62383daa8f8de919e222eab84a8efdfb534a3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 02 Feb 2023 19:15:21 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 41B8 		29 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dac945fd/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:13:14 GMT
x-content-type-options
nosniff
age
127
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 02 Feb 2023 19:28:14 GMT
publisher:getClientId
ampcid.google.ru/v1/ 		3 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.ru/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Feb 2023 19:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://9to5google.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 02 Feb 2023 19:15:21 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 41B8 		67 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dac945fd/player_ias.vflset/fi_FI/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
12fc078572dae33fea40addd3d4e8804da41b74ebf45e5062a333f7e033d3f87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 02 Feb 2023 19:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31039
x-xss-protection
0
qoe
www.youtube.com/api/stats/ Frame 41B8 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?cpn=5-Aj7Ibm0GoJ_rQV&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24409252%2C24415864%2C24439361%2C24441239%2C24443595%2C24450291%2C24450367%2C24451033%2C24458634%2C24460856%2C24463911&cl=505538583&seq=1&event=streamingstats&docid=pL2fbFuYs3o&cbr=Chrome&cbrver=109.0.5414.119&c=WEB_EMBEDDED_PLAYER&cver=1.20230129.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dac945fd/player_ias.vflset/fi_FI/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/pL2fbFuYs3o?playlist=Y3s2I-Wba9M,qqquCQAwX7Y,uaPMn28AGhw,iTwylmWhJv8,9dVvqU2TBts,4KxBvWbSo4M,PP_1HVcEsLQ,gKRNnsDJXxw,hnOCTZdDflE
X-YouTube-Client-Version
1.20230129.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtVOWhlcGZOZ056QSjIl_CeBg%3D%3D
X-YouTube-Ad-Signals
dt=1675365321085&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C960%2C506&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:21 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
www.youtube.com/s/player/dac945fd/player_ias.vflset/fi_FI/ Frame 41B8 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/dac945fd/player_ias.vflset/fi_FI/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dac945fd/player_ias.vflset/fi_FI/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0025f7355e674ecc77f8ac3deb4586090ee4f1463cef7f175d9acc57b5bb0928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.youtube.com/embed/pL2fbFuYs3o?playlist=Y3s2I-Wba9M,qqquCQAwX7Y,uaPMn28AGhw,iTwylmWhJv8,9dVvqU2TBts,4KxBvWbSo4M,PP_1HVcEsLQ,gKRNnsDJXxw,hnOCTZdDflE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 16:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
267837
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8387
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 01:18:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Jan 2024 16:51:24 GMT
truncated
/ Frame 41B8 		349 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1deaa03f122134171a83e1be4317c847d083806c424b5f431ff0b1c3bb651bd6

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.fi/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fi/adsid/integrator.js?domain=9to5google.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8513483021683571&plah=9to5google.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=9to5google.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8513483021683571&plah=9to5google.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0FEA 		20 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8513483021683571&plah=9to5google.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9baa1a890a654f704117a4dd343ba3ff313a1433488d3a39818e76ebef29185b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9to5google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
8764
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 19:15:22 GMT
expires
Thu, 02 Feb 2023 19:15:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&pid=GZqXkQ4p02YaZ&cb=1&ws=1600x1200&v=23.127.1625&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1436850350386-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1049447%2F9to5google-728x90-TopMain-R%22%7D%5D&pubid=fee31bcb-d8b7-4565-8a5b-b1097e207e11&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-188.fra2.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:21 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C2
x-amz-rid
ZDQRD09KPK4Q22BVP9HV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://9to5google.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
IibWeiNf5GOWEEUZ3O0N1HUgbUSQEKCSw50AQqLXLUW1TYQz8EvB5w==
fastlane.json
fastlane.rubiconproject.com/a/api/ 		391 B
939 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24532&site_id=425270&zone_id=2413094&size_id=15&alt_size_ids=2%2C55%2C57&rf=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&tg_i.dfp_ad_unit_code=1049447%2F9to5google-300x250-TopSidebarMain-R&tg_i.pbadslot=1049447%2F9to5google-300x250-TopSidebarMain-R&tk_flint=pbjs_lite_v5.20.3&x_source.tid=e4fa3df8-2fbb-4ce4-a4a3-7e8f878f33fb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.789074061215649
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
22498fd76cf5f1a04f86afbf80d0c72cc1778ef568e609fe2803ae3031123767

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://9to5google.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
391
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://9to5google.com
date
Thu, 02 Feb 2023 19:15:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUOZ495Q
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f9ab10dc550af635c4eaa5f2b1a7752621b97cfe8a5fc8657df711c8ff1adba4

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:21 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://9to5google.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 02 Feb 2023 19:15:21 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		212 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
ad246c22665c091defc9280691f3ec063b83290993994fc8a872317bfa7ca326

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:21 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://9to5google.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
212
expires
0
cygnus
htlb.casalemedia.com/ 		36 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=860679&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229cfa62ee11cb33%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.3%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210428a60bacc0c4%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22860679%22%2C%22dfp_ad_unit_code%22%3A%22%2F1049447%2F9to5google-300x250-TopSidebarMain-R%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22860679%22%2C%22dfp_ad_unit_code%22%3A%22%2F1049447%2F9to5google-300x250-TopSidebarMain-R%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22860679%22%2C%22dfp_ad_unit_code%22%3A%22%2F1049447%2F9to5google-300x250-TopSidebarMain-R%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22860679%22%2C%22dfp_ad_unit_code%22%3A%22%2F1049447%2F9to5google-300x250-TopSidebarMain-R%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F1049447%2F9to5google-300x250-TopSidebarMain-R%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ad50b518db2954d13ffa9ad89826c39d1ef56a2edaa020a43bad90fbbf3a700

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=riDoeOt0L536Ypjz5%2BwVFIXDs0fNx2pq6SGeLAvkwkGMGbOIGGbOf9xYc59wYxCqd%2BWO67lvvxZWBUwVnjTIkprGYxkmh%2FrXOh5WPRdLfgZwJV%2Fnvv8cpgBlj5skINhleclCdNQt"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://9to5google.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7935414b4e561685-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3dadf1550a757befbc633bf7c6e7d59ffce0bea3a45ccfa0a6e010f042e33e37
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:21 GMT
AN-X-Request-Uuid
d5d89fd5-2992-4c55-82f4-2efe2a61025a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://9to5google.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
194.34.134.148; 194.34.134.148; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695a6018080b98f8cbe0f535e005c&pos=8a96907a0182825f8075610eb06a000c&cmd=bid&secure=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b911dfc611de7826b867f58c80d68e353597f9b1a4e91a5d82251a4a8e44c3e1

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Feb 2023 19:15:21 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://9to5google.com
access-control-allow-credentials
true
content-length
80
arj
nineto5mac-d.openx.net/w/1.0/ 		73 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nineto5mac-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e4fa3df8-2fbb-4ce4-a4a3-7e8f878f33fb&nocache=1675365321374&aus=300x250%2C728x90%2C970x90%2C970x250&divids=div-gpt-ad-1&aucs=%252F1049447%252F9to5google-300x250-TopSidebarMain-R&auid=557730549
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4aed1eff58f49aac71a8d4d89688a5b0af2b10b9dc19c3f2eda86f7c13dd7bea

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://9to5google.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=5.20.3&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-1%22%2C%22callback_id%22%3A%2221a3dde434af216%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B728%2C90%5D%2C%5B970%2C90%5D%2C%5B970%2C250%5D%5D%2C%22ym_placement_id%22%3A%223051577113086730262%22%2C%22gpid%22%3A%22%2F1049447%2F9to5google-300x250-TopSidebarMain-R%22%7D%5D&page_url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&bust=1675365321375&pr=&scrd=1&dnt=false&description=Google%20Fi%20has%20notified%20customers%20of%20a%20data%20breach%20that%20exposed%20technical%20information%20and%20phone%20numbers%2C%20but%20no%20personal%20data.&title=Google%20Fi%20seemingly%20affected%20by%20T-Mobile%20data%20breach&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.218.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-218-241.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://9to5google.com
pragma
no-cache
date
Thu, 02 Feb 2023 19:15:21 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
collect
www.google-analytics.com/j/ 		2 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=296853756&t=pageview&_s=1&dl=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&ul=en-us&de=UTF-8&dt=Google%20Fi%20seemingly%20affected%20by%20T-Mobile%20data%20breach&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAQCAC~&jid=1825471611&gjid=1433294610&cid=602077083.1675365321&tid=UA-23224427-1&_gid=1048564033.1675365321&_r=1&_slc=1&gtm=2wg210THGGVXB&cg1=google-fi&z=538408879
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://9to5google.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=296853756&t=event&ni=1&_s=1&dl=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&ul=en-us&de=UTF-8&dt=Google%20Fi%20seemingly%20affected%20by%20T-Mobile%20data%20breach&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User&ea=Color%20Mode&el=Light&_u=YADAAEABAAQCACAAI~&jid=&gjid=&cid=602077083.1675365321&tid=UA-23224427-1&_gid=1048564033.1675365321&gtm=2wg210THGGVXB&z=58650006
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 02:05:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
61765
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=296853756&t=event&ni=1&_s=1&dl=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&ul=en-us&de=UTF-8&dt=Google%20Fi%20seemingly%20affected%20by%20T-Mobile%20data%20breach&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Content%20Category&ea=google-fi&el=%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&_u=YADAAEABAAQCACAAI~&jid=&gjid=&cid=602077083.1675365321&tid=UA-23224427-1&_gid=1048564033.1675365321&gtm=2wg210THGGVXB&z=636087136
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 02:05:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
61765
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=296853756&t=event&ni=1&_s=1&dl=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&ul=en-us&de=UTF-8&dt=Google%20Fi%20seemingly%20affected%20by%20T-Mobile%20data%20breach&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Adblocker&ea=inactive&el=%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&_u=YADAAEABAAQCACAAI~&jid=&gjid=&cid=602077083.1675365321&tid=UA-23224427-1&_gid=1048564033.1675365321&gtm=2wg210THGGVXB&cd1=inactive&z=465093531
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 02:05:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
61765
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
no_post
api-2-0.spot.im/v1.0.0/config/ab_test/sp_rVSSRN5u/ 		129 B
859 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_rVSSRN5u/no_post
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.0.39-beta-hotfix/launcher/561-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-79.fra2.r.cloudfront.net
Software
fasthttp /
Resource Hash
410a78cbd9400878e92e1f7d64d804e6fabed94b7bc7f3dd9eb19b3a89c3a2b2

Request headers

Accept
application/json
Referer
https://9to5google.com/
x-spotim-device-uuid
7f457bdf-2457-43f7-84fd-54321dcc44e5
x-spotim-page-view-id
55ccb8ce-cdef-4ecd-8143-d6e57a28a320
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 02 Feb 2023 19:15:21 GMT
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
server
fasthttp
x-amz-cf-pop
FRA2-C1
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://9to5google.com
x-cache
Miss from cloudfront
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
content-length
129
x-amz-cf-id
tsOObZPeb0bU_hDHK99tGK346MgOoJZzUSAt08qJm6rBbnAjo4D6Gg==
x-request-id
f03c6ab2-a32d-11ed-b7ca-be39ccc11b69
no_post
api-2-0.spot.im/v1.0.0/config/ab_test/sp_rVSSRN5u/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_rVSSRN5u/no_post
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-79.fra2.r.cloudfront.net
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://9to5google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://9to5google.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
date
Thu, 02 Feb 2023 19:15:21 GMT
server
fasthttp
via
1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-id
YHG2DU3Kp2EdnZzZxdiWSOISbgkkhLBP19bLatPrKgnnFd1cmDNOHw==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://9to5google.com
date
Thu, 02 Feb 2023 19:15:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		212 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
fe610436d53301d249eea6064a7ef2293f677df99a007904543d1f8b2413493f

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:21 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://9to5google.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
212
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=860681&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2226562fc28efc7d1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.3%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2227861173036a806%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22860681%22%2C%22dfp_ad_unit_code%22%3A%22%2F1049447%2F9to5google-728x90-TopMain-R%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A70%2C%22ext%22%3A%7B%22siteID%22%3A%22860681%22%2C%22dfp_ad_unit_code%22%3A%22%2F1049447%2F9to5google-728x90-TopMain-R%22%2C%22sid%22%3A%22970x70%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22860681%22%2C%22dfp_ad_unit_code%22%3A%22%2F1049447%2F9to5google-728x90-TopMain-R%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22860681%22%2C%22dfp_ad_unit_code%22%3A%22%2F1049447%2F9to5google-728x90-TopMain-R%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F1049447%2F9to5google-728x90-TopMain-R%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb999c3dbc898dd0a441b8eb11bda0661bbd5d6de843eb5bae9ccefed6525dd5

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tba%2B2%2BtENUuqfdyVi6Prg60YKT5le4ooRT8dekFtWTI%2F1ycbr30IyF5OpfS4ByKUrdoQgf1oIQIdBEAxe7bRMcBaoNwRJF%2FWqa%2FF51UR79pGePjnXQNXRtw9zSF%2B7fvrTJeBwVmf"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://9to5google.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7935414b4e571685-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid
ads.yieldmo.com/exchange/ 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=5.20.3&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-1436850350386-0%22%2C%22callback_id%22%3A%2232f3813797837a9%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C70%5D%2C%5B970%2C90%5D%2C%5B970%2C250%5D%5D%2C%22ym_placement_id%22%3A%223051577112038154251%22%2C%22gpid%22%3A%22%2F1049447%2F9to5google-728x90-TopMain-R%22%7D%5D&page_url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&bust=1675365321458&pr=&scrd=1&dnt=false&description=Google%20Fi%20has%20notified%20customers%20of%20a%20data%20breach%20that%20exposed%20technical%20information%20and%20phone%20numbers%2C%20but%20no%20personal%20data.&title=Google%20Fi%20seemingly%20affected%20by%20T-Mobile%20data%20breach&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.218.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-218-241.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://9to5google.com
pragma
no-cache
date
Thu, 02 Feb 2023 19:15:21 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
arj
nineto5mac-d.openx.net/w/1.0/ 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nineto5mac-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=edfe3316-7bb9-4b83-a438-02434fbffbd6&nocache=1675365321459&aus=728x90%2C970x70%2C970x90%2C970x250&divids=div-gpt-ad-1436850350386-0&aucs=%252F1049447%252F9to5google-728x90-TopMain-R&auid=557730553
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
83faa07bb12a1268896106727dd36d56d74496a6b2f79eb0c6e2d70bdd97cb14

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://9to5google.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		10 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24532&site_id=425270&zone_id=2413096&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&tg_i.dfp_ad_unit_code=1049447%2F9to5google-728x90-TopMain-R&tg_i.pbadslot=1049447%2F9to5google-728x90-TopMain-R&tk_flint=pbjs_lite_v5.20.3&x_source.tid=edfe3316-7bb9-4b83-a438-02434fbffbd6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.21116330797273108
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
637461bf36a597a7507b8007157317cabdcb50f5cef93fa6fb65d459c7b50171

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:21 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://9to5google.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
947 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
753d9d078d7594492aad57f9057b17be55844f9f704e6e854322680cf0ebbe4a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:21 GMT
AN-X-Request-Uuid
0145d80e-307c-4644-94fa-df0bb939823e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://9to5google.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
194.34.134.148; 194.34.134.148; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
957 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUOZ495Q
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
54d196d9255eeaa69f91a6de0dc54a128f5aab129692e0511a7b9ae340ad9084

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:21 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://9to5google.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 02 Feb 2023 19:15:21 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695a6018080b98f8cbe0f535e005c&pos=8a96907a0182825f8075610fe67f000d&cmd=bid&secure=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ca19f384fd440624d6ad3ccc21feee3aba5fc0267e3872a89f0b5093f0b6c1a0

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Feb 2023 19:15:21 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://9to5google.com
access-control-allow-credentials
true
content-length
80
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 41B8 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dac945fd/player_ias.vflset/fi_FI/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
476fdbe987937e6426505ecbaf2454cc106ac1af2538226e56be008f5ece0105
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 02 Feb 2023 19:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 02 Feb 2023 19:15:21 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
9814550440036854287
tpc.googlesyndication.com/simgad/ Frame 1B38 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9814550440036854287?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnA-j0G_cATTxBudX3MJ202LTuvRg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=466652548&adf=2529329910&w=336&fwrn=4&fwrnh=100&lmt=1675365320&rafmt=1&format=336x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365320312&bpp=4&bdt=874&idt=383&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MLjQwElv39&p=https%3A//9to5google.com&dtd=388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ba50511d0b04dfe5ed6b50a881cd308e50ce02041e69bcc96d7d2337d108b05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:31:01 GMT
x-content-type-options
nosniff
age
20660
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35025
x-xss-protection
0
last-modified
Fri, 13 Jan 2023 12:54:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 02 Feb 2024 13:31:01 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230131/r20110914/ Frame 1B38 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230131/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=466652548&adf=2529329910&w=336&fwrn=4&fwrnh=100&lmt=1675365320&rafmt=1&format=336x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365320312&bpp=4&bdt=874&idt=383&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MLjQwElv39&p=https%3A//9to5google.com&dtd=388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:37:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
16648
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8993
x-xss-protection
0
server
cafe
etag
12355142264901698679
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 14:37:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/ Frame 1B38 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=466652548&adf=2529329910&w=336&fwrn=4&fwrnh=100&lmt=1675365320&rafmt=1&format=336x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365320312&bpp=4&bdt=874&idt=383&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MLjQwElv39&p=https%3A//9to5google.com&dtd=388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 18:03:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
4328
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 18:03:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/ Frame 1B38 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=466652548&adf=2529329910&w=336&fwrn=4&fwrnh=100&lmt=1675365320&rafmt=1&format=336x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365320312&bpp=4&bdt=874&idt=383&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MLjQwElv39&p=https%3A//9to5google.com&dtd=388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:37:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
16647
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 14:37:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1B38 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=466652548&adf=2529329910&w=336&fwrn=4&fwrnh=100&lmt=1675365320&rafmt=1&format=336x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365320312&bpp=4&bdt=874&idt=383&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MLjQwElv39&p=https%3A//9to5google.com&dtd=388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Feb 2023 19:15:21 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/ Frame 1B38 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=466652548&adf=2529329910&w=336&fwrn=4&fwrnh=100&lmt=1675365320&rafmt=1&format=336x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365320312&bpp=4&bdt=874&idt=383&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MLjQwElv39&p=https%3A//9to5google.com&dtd=388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9e3a10e8206720cd958b456b2694713dcde32010af2cb3987c768ce8990395e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 22:20:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
75314
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13600
x-xss-protection
0
server
cafe
etag
2416558543469087108
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Feb 2023 22:20:07 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 1B38 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CxjqTyAvcY6L8Laa8mLAPi8S58AKrrsCqbquh7eD_ENvZHhABIOXxgzFg9wGgAcD83eECyAECqAMByAPJBKoEowJP0BxRddgA-4O5wqadfKlaBB9P2Nf6hJ9VG7Rp4cTBvuLH328OirCqLYGLQX0RyD1Pl169eWKnNt_l6EguxDbtX6gCM-pJGa0LrIsqBAhc1OoEPKOu9ufJiZw_eymGxsSjP2Js1jDteRB4hgK7WkhJFHTRfpJueMOkbelzUy6QAGA3v0HMQkvYetjCI3JD6i2CFCMPG4sbhSN6CPVLf8fZvg7dwZTqV_4lXRC6mpefaMmFMfZFIAx9ZGHaNwK4bx2R8iXkMB7snrQhopLd4E0LkgoCa7FQlF9KGZCJsmxjuc4zNxlH7CIJPyE2YcE8cqsAJHV9FDqy5rjZxAguXXGP1SWBHCRTXu4VfRIRdk0YYyLx_DPqdC-T41c-gYHKbhW6c-TABKq1o76IBJIFBAgEGAGSBQQIBRgEoAYCgAeog6KeAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPSqM9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTg1MTM0ODMwMjE2ODM1NzEYAA&sigh=J9-4rBLVRCw&uach_m=[UACH]&cid=CAQSGwDUE5ymy6blQVif7nkItKeh_4RTSOpWHHnVtBgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=466652548&adf=2529329910&w=336&fwrn=4&fwrnh=100&lmt=1675365320&rafmt=1&format=336x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365320312&bpp=4&bdt=874&idt=383&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MLjQwElv39&p=https%3A//9to5google.com&dtd=388
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=466652548&adf=2529329910&w=336&fwrn=4&fwrnh=100&lmt=1675365320&rafmt=1&format=336x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365320312&bpp=4&bdt=874&idt=383&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MLjQwElv39&p=https%3A//9to5google.com&dtd=388
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 02 Feb 2023 19:15:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 02 Feb 2023 19:15:21 GMT
integrator.js
adservice.google.fi/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fi/adsid/integrator.js?domain=9to5google.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=9to5google.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2428549485718897&correlator=2980578310305856&eid=31071678%2C31072042%2C31071662&output=ldjh&gdfp_req=1&vrg=2023013001&ptt=17&impl=fif&iu_parts=1049447%2C9to5google-300x250-TopSidebarMain-R&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C728x90%7C970x90%7C970x250&ifi=4&adks=4259116686&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&abxe=1&dt=1675365321881&lmt=1675365321&dlt=1675365319439&idt=1879&adxs=650&adys=4404&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&frm=20&vis=1&psz=1600x270&msz=1600x20&fws=4&ohw=1600&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24af2921054f033227accaedee53c8b9e4d099e789baf8aa227962ecf53f1afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10749
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://9to5google.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c9de27355b09e872903c5d451751c5c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 99CA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c9de27355b09e872903c5d451751c5c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9to5google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 19:15:22 GMT
expires
Fri, 02 Feb 2024 19:15:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.html
eus.rubiconproject.com/ Frame 41EF 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://9to5google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Feb 2023 19:15:22 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 7987 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://9to5google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

age
157
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7935414ea90d0a3d-ARN
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 02 Feb 2023 19:15:22 GMT
expires
Thu, 02 Feb 2023 23:15:22 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 620B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://9to5google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132266
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 02 Feb 2023 19:15:21 GMT
expires
Sat, 04 Feb 2023 07:59:47 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 821D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUOZ495Q&prvid=2034%2C2011%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C178%2C233%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C2025%2C237%2C117%2C3014%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C261%2C141%2C222%2C201%2C3007%2C246%2C301%2C4%2C203%2C225%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
929758e015b2e02ecdfb777c32c537e260e60ed7c7a1001df6ff77a2a44c5747
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://9to5google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8195
content-type
text/html; charset=UTF-8
date
Thu, 02 Feb 2023 19:15:22 GMT
expires
Sat, 04 Feb 2023 19:15:22 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame 387F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://9to5google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
55972
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 02 Feb 2023 19:15:22 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
7, 629947
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220097-HHN
X-Timer
S1675365322.200553,VS0,VE0
checksync.php
contextual.media.net/ Frame FF9B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUOZ495Q&prvid=2034%2C2011%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C178%2C233%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C2025%2C237%2C117%2C3014%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C261%2C141%2C222%2C201%2C3007%2C246%2C301%2C4%2C203%2C225%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
929758e015b2e02ecdfb777c32c537e260e60ed7c7a1001df6ff77a2a44c5747
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://9to5google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8195
content-type
text/html; charset=UTF-8
date
Thu, 02 Feb 2023 19:15:22 GMT
expires
Sat, 04 Feb 2023 19:15:22 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 4130 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://9to5google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

age
157
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7935414ea9100a3d-ARN
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 02 Feb 2023 19:15:22 GMT
expires
Thu, 02 Feb 2023 23:15:22 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame B5B8 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://9to5google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 02 Feb 2023 19:15:21 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7EA0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://9to5google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
55972
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 02 Feb 2023 19:15:22 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
7, 658980
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220048-HHN
X-Timer
S1675365322.207640,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 0E52 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://9to5google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 02 Feb 2023 19:15:21 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 14D3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://9to5google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132266
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 02 Feb 2023 19:15:21 GMT
expires
Sat, 04 Feb 2023 07:59:47 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
s
googleads.g.doubleclick.net/pagead/drt/ Frame E06A 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=466652548&adf=2529329910&w=336&fwrn=4&fwrnh=100&lmt=1675365320&rafmt=1&format=336x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365320312&bpp=4&bdt=874&idt=383&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MLjQwElv39&p=https%3A//9to5google.com&dtd=388
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=466652548&adf=2529329910&w=336&fwrn=4&fwrnh=100&lmt=1675365320&rafmt=1&format=336x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365320312&bpp=4&bdt=874&idt=383&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MLjQwElv39&p=https%3A//9to5google.com&dtd=388
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

age
2746
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 18:29:35 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
redir.html
p4-fl2x5jekyv4gs-gu22r3htasuh6hle-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 7997 		247 B
871 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-fl2x5jekyv4gs-gu22r3htasuh6hle-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=466652548&adf=2529329910&w=336&fwrn=4&fwrnh=100&lmt=1675365320&rafmt=1&format=336x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365320312&bpp=4&bdt=874&idt=383&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MLjQwElv39&p=https%3A//9to5google.com&dtd=388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f3.1e100.net
Software
sffe /
Resource Hash
316387297b6d28573366cac3461586c82860914be2e24fa3af3c16d18b3003f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
205
content-security-policy-report-only
script-src 'nonce-TwhbYkWmK4hFZFLQ3AnjDg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 19:15:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1B38 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95771868d3c3f7fdc3f846678e9e005d1154dc9c85ba39ad47af8a48b81e92fc

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
PugMaster
image6.pubmatic.com/AdServer/ Frame 620B 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26632706&p=161751&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
298f632a2569a946148bf6aa47aba9d7128df5e9eef02348b50e1b2bfac3e502

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 02 Feb 2023 19:15:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ Frame 33A0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
852 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45c2a3fd833bbfc5a3f72f1a5f1f1d1f719f5b952684dadee92f9a7f9d5b2c34

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
79354150ebb82e09-ARN
content-encoding
br
content-type
text/html
date
Thu, 02 Feb 2023 19:15:22 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0aS0ZeD8ZB0LBRwc3yAMXfLATyWpVDfVYfA2PQw16cfhC75JEhe52t5FmeklwymmZqNSz5sZ50fKICcnse0HHlwajC7BARt8Z85jIcQ%2Bt%2BgTUECnPwUDh40Rjr2aSiv6H32TahVcSpPHVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
793541503b1b2e09-ARN
content-length
0
date
Thu, 02 Feb 2023 19:15:22 GMT
expires
0
location
/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYCNW0djvymOigb8VfU%2FuZJJqBuNeFovpFFuBjmoHcQLfFoZp4dseYMDtag0cxDg5CLewpnGC%2B%2FWRC0N03F8J33GUj7P%2BgYdjjsdjCOJQMuWBe9JibDrM6H6%2BwgPSIy7qKH1uuBIpJOduA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 41EF 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a5f4420bd9bdd09ff296d20c8cec3e451e4ada11605a6b1e01779f29bd467771

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 19:15:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Feb 2023 07:07:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42725
Connection
keep-alive
Content-Length
10036
Expires
Fri, 03 Feb 2023 07:07:27 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 9601
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
837 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ba06f8b54576d94c29f994a3f055e6545ecd70afa5db3de67b7d4be00dc184b

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
79354150ebb62e09-ARN
content-encoding
br
content-type
text/html
date
Thu, 02 Feb 2023 19:15:22 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhaDTA7BYkMl54kqV9%2BZbBNG5PxsTtNMjmKqAENmHN8jm2S1%2F3AcH3dJTiXIIAila1vRZr%2B3H95v8Xi42rgf%2FfmOSf3pvA5JYghqfL0DMxB5YkVd2m83FiFLzEL1nZveZDEoFe08HnfyAw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
793541503b1c2e09-ARN
content-length
0
date
Thu, 02 Feb 2023 19:15:22 GMT
expires
0
location
/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9rwGRCH9VkhP2svf0t7oc1L%2Fs4ohGg7P24jLYGIiPDtDSPvfj56y4x%2Bw%2Fg8X8YCUDuNuQCODxNDjOBZa6ySGKsS5FmZ4Ij8h9Dt8lpVormGLKbj7y07621DLplRGzG6mPU5SIuCKDoTgA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
integrator.js
adservice.google.fi/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fi/adsid/integrator.js?domain=9to5google.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=9to5google.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2428549485718897&correlator=1450928943140255&eid=31071678%2C31072042%2C31071662&output=ldjh&gdfp_req=1&vrg=2023013001&ptt=17&impl=fif&iu_parts=1049447%2C9to5google-728x90-TopMain-R&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x70%7C970x90%7C970x250&ifi=5&adks=3714748339&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%26pwtverid%3D9%26pwtprofid%3D6840%26pwtpubid%3D161751%26pwtbst%3D1%26pwtplt%3Ddisplay%26pwtsz%3D970x250%26pwtecp%3D0.02%26pwtsid%3D4581498a216a0f6%26pwtpid%3Drubicon&eri=1&sc=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&abxe=1&dt=1675365322155&lmt=1675365322&dlt=1675365319439&idt=1879&adxs=436&adys=250&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&frm=20&vis=1&psz=1600x270&msz=1600x250&fws=4&ohw=1600&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71e98cc55f514ff03e5741761031811f4c83234b8a272ae95d2ad336b76e96a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10740
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://9to5google.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame E06A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=466652548&adf=2529329910&w=336&fwrn=4&fwrnh=100&lmt=1675365320&rafmt=1&format=336x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365320312&bpp=4&bdt=874&idt=383&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MLjQwElv39&p=https%3A//9to5google.com&dtd=388
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 19:15:22 GMT
expires
Thu, 02 Feb 2023 19:15:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 19:15:22 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame 387F 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:22 GMT
AN-X-Request-Uuid
44919de3-b083-4039-8503-eb7ca1623f23
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
194.34.134.148; 194.34.134.148; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iframe.html
p4-fl2x5jekyv4gs-gu22r3htasuh6hle-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 7997 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-fl2x5jekyv4gs-gu22r3htasuh6hle-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-fl2x5jekyv4gs-gu22r3htasuh6hle-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-fl2x5jekyv4gs-gu22r3htasuh6hle-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f3.1e100.net
Software
sffe /
Resource Hash
1311b01422446f3f8971a02e418c4079487376d6477af5db8a14af3ea4696eb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://p4-fl2x5jekyv4gs-gu22r3htasuh6hle-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1864
content-security-policy-report-only
script-src 'nonce-E8VCFFY2U48JGLb1LRh2Fw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 19:15:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame 7EA0 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:22 GMT
AN-X-Request-Uuid
940cd11b-cee5-4108-b059-f5d3484b4d33
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
194.34.134.148; 194.34.134.148; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012301181928000/ Frame E87B 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d8d078acb2e2069da9bad4650bc6ef0ade536a34984aa86ee5026f5163a030a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 02 Feb 2023 05:31:52 GMT
age
49410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61734
x-xss-protection
0
server
sffe
etag
"5b4f5406239652c8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 02 Feb 2024 05:31:52 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012301181928000/v0/ Frame E87B 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc3b5bc58070e3c92bf7c79fd751863e0eb4a3021134454adee5b414cfe91468
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 02 Feb 2023 05:31:52 GMT
age
49410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5218
x-xss-protection
0
server
sffe
etag
"47662644ea8653a3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 02 Feb 2024 05:31:52 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012301181928000/v0/ Frame E87B 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54d6fa3b653c5e16db5247062dfcf74cd3dab4d9fccc46b737fc2b84a9da798d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 02 Feb 2023 13:11:57 GMT
age
21805
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28817
x-xss-protection
0
server
sffe
etag
"6eb387830c268337"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 02 Feb 2024 13:11:57 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012301181928000/v0/ Frame E87B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d266f653edab118f23d71f1e2d3726cbf2e8a82faa537dab3a7edd1896b4d495
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 02 Feb 2023 05:31:52 GMT
age
49410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1914
x-xss-protection
0
server
sffe
etag
"f13d3e1d36b26a3d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 02 Feb 2024 05:31:52 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012301181928000/v0/ Frame E87B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e362728fd2d538ac44515898eedba531f5307b34a3085963bd613545e9885c5b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 02 Feb 2023 13:11:57 GMT
age
21805
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12960
x-xss-protection
0
server
sffe
etag
"f74ebce85e2cb18a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 02 Feb 2024 13:11:57 GMT
truncated
/ Frame E87B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bd88f6424353f03081832d44f36cb4a4131ee5e1be542aaf3f71cbc06a347b7

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
18444746348027653554
tpc.googlesyndication.com/daca_images/simgad/ Frame E87B 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/18444746348027653554
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
922d909f24b185365a9d33a8cf8aea2fe72e1e9e323b07d71870a9fbba071ebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:27:59 GMT
x-content-type-options
nosniff
age
31643
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95258
x-xss-protection
0
last-modified
Thu, 26 Jan 2023 09:59:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 02 Feb 2024 10:27:59 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E87B 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 05:07:54 GMT
x-content-type-options
nosniff
server
cafe
age
50848
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Fri, 03 Feb 2023 05:07:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E87B 		295 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 09:50:10 GMT
x-content-type-options
nosniff
server
cafe
age
33912
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 03 Feb 2023 09:50:10 GMT
l
www.google.com/ads/measurement/ Frame E87B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7nzt8ftRgDtGPAyhfRoTClwKUHZE-JbpJ7_2Ng_v9OsePfKXLB7lTlIHdf7Nnsfp3sjY0
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame E87B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C6uJDyQvcY7C1OuPB9u8PlLiviAarrsCqbr-D8Yr0ENvZHhABIM3P_R1g9wGgAcD83eECyAEC4AIAqAMByAMIqgS3Ak_Qd3f7XHU-GWBoTPocQZoJ_1ahhFttS6lDngslgYzA2oMWF_b9TGEvGot9G5UVSTcGQUJbmHgdQFenTuXSlpAtQhzfHC7P8V2wDh4La8Arp34f7wBra-yjoFUPs_5xO0_s1gHYYyuW-aoPA69ril0v5ZS922QQBwj_TnWcVVRL0YSGjG7Pkjf_DyB-KzgSXudYcAw50wVzI45OykHfKkEjWnPYattAz1niIhDWWSabq31dSbtvh0mjTH7v8Awm921DBWiYYaaa9vjQLM1qt-0yw_tnL2UrHLXQrk04xxdRsHDAYLd6kULOd0cnAV9AoFD0Jcp14HwlRylgkY7ER0Q_I-sRC20s0Iy-hHzUabdALfFWDjZkopz7IgjrV_TRZVv9cKXfXUqpYcypPa8xGqhHyjoPNcTVwASqtaO-iATgBAGSBQQIBBgBkgUECAUYBKAGAoAHqIOingGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDGggjSCBEIgOGAcBABGB0yAusCOgKAQIAKA8gLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi0wOTkzMDI1NjIzMTE2MzI1GLfBCA&sigh=0SP5hUGMRrM&uach_m=[UACH]&cid=CAQSOwDUE5ym_v3hiPIzyaXZSirS7thzqwtR0HIlTkqB3uks2V55ZrzgtGYKtH1n8JKC5nY2YeQAC313p_XDGAE
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
match
c1.adform.net/serving/cookie/ Frame 1D86
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=3883BA43-0F03-41DD-930F-D0B82E6F9611&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3883BA43-0F03-41DD-930F-D0B82E6F9611&gdpr=0&gdpr_consent=
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3883BA43-0F03-41DD-930F-D0B82E6F9611&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 02 Feb 2023 19:15:23 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 02 Feb 2023 19:15:22 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3883BA43-0F03-41DD-930F-D0B82E6F9611&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame E707
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a94e63dc-0bcb-4100-90f2-9df540b3008a&gdpr=0&gdpr_consent=
42 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a94e63dc-0bcb-4100-90f2-9df540b3008a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 02 Feb 2023 19:15:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 02 Feb 2023 19:15:22 GMT
Expires
Thu, 02 Feb 2023 19:15:21 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 421 8749e8d master zrh-pixel-x7 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a94e63dc-0bcb-4100-90f2-9df540b3008a&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame 9993 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 19:15:22 GMT
expires
Thu, 02 Feb 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
357933
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 7AD1
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3663462214792805106
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3663462214792805106
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 02 Feb 2023 19:15:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3663462214792805106
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame B4A5
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VHZv7FInaLZPdGnpAyYm61YgP-tPdzLpWyD5Fjsk
42 B
571 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VHZv7FInaLZPdGnpAyYm61YgP-tPdzLpWyD5Fjsk
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 02 Feb 2023 19:15:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 02 Feb 2023 19:15:22 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=VHZv7FInaLZPdGnpAyYm61YgP-tPdzLpWyD5Fjsk
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 0F6C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4320526026636815619&gdpr=0&gdpr_consent=
42 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4320526026636815619&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 02 Feb 2023 19:15:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
5c1eccfd-1988-427b-be9f-ec65b987488e
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Feb 2023 19:15:22 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4320526026636815619&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
194.34.134.148; 194.34.134.148; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 620B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OIO6Qw8DQd2TD9C4Lm-WEQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:22 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=132265
accept-ranges
bytes
content-length
5554
expires
Sat, 04 Feb 2023 07:59:47 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=ea8ef65c3272da3a/gdpr=0/ Frame 620B
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=3883BA43-0F03-41DD-930F-D0B82E6F9611&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=ea8ef65c3272da3a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=ea8ef65c3272da3a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Server
52.49.185.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-185-121.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:23 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.20.26
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=ea8ef65c3272da3a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame 620B
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3883BA43-0F03-41DD-930F-D0B82E6F9611&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3883BA43-0F03-41DD-930F-D0B82E6F9611&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3883BA43-0F03-41DD-930F-D0B82E6F9611&addseg=25
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3883BA43-0F03-41DD-930F-D0B82E6F9611&addseg=25
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

date
Thu, 02 Feb 2023 19:15:22 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3883BA43-0F03-41DD-930F-D0B82E6F9611&addseg=25
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 620B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mzg4M0JBNDMtMEYwMy00MURELTkzMEYtRDBCODJFNkY5NjEx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 02 Feb 2023 19:15:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 620B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGFahsTxXDrZB-VxVoJF0to&google_cver=1
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGFahsTxXDrZB-VxVoJF0to&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 02 Feb 2023 19:15:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGFahsTxXDrZB-VxVoJF0to&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 620B 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 01 Feb 2023 19:15:22 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 620B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=934466441402492417
42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=934466441402492417
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 02 Feb 2023 19:15:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=934466441402492417
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 620B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
px.ads.linkedin.com/ Frame 41EF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDNH97L7-1N-3FHK
0
924 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDNH97L7-1N-3FHK
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:22 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 7D8578FB78E34851B398BC2F58543029 Ref B: STOEDGE1217 Ref C: 2023-02-02T19:15:23Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXzvGLzgv/7lSbWgh3fPQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDNH97L7-1N-3FHK
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 41EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPJX75Cq1t6fZJ4K6LOswLQ&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPJX75Cq1t6fZJ4K6LOswLQ&google_cver=1
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPJX75Cq1t6fZJ4K6LOswLQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 41EF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/5WRfJnFOvlA43nJEWHkRgcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_veOqENE2oK4STANDVHFuoifIZZJy_GFi6sJfg--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_veOqENE2oK4STANDVHFuoifIZZJy_GFi6sJfg--~A
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 02 Feb 2023 19:15:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_veOqENE2oK4STANDVHFuoifIZZJy_GFi6sJfg--~A
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 41EF 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 41EF
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WtgD0kj1QNWWqnWQskFaUg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WtgD0kj1QNWWqnWQskFaUg
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WtgD0kj1QNWWqnWQskFaUg
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
HTTP/1.1
Server
67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SXXC8P9CP31MHBPY3AJD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WtgD0kj1QNWWqnWQskFaUg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 41EF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEROSDk3TDctMU4tM0ZISw==
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEROSDk3TDctMU4tM0ZISw==
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEROSDk3TDctMU4tM0ZISw==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 41EF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2MzNTY2Yjg0ZmJjOTAwMjgxNzZiYmNjYWQyYmI3NWY0ZTkwM2IwNA
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2MzNTY2Yjg0ZmJjOTAwMjgxNzZiYmNjYWQyYmI3NWY0ZTkwM2IwNA
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2MzNTY2Yjg0ZmJjOTAwMjgxNzZiYmNjYWQyYmI3NWY0ZTkwM2IwNA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 41EF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jzcIlOyQTLGaCFSm-Gj5fw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jzcIlOyQTLGaCFSm-Gj5fw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jzcIlOyQTLGaCFSm-Gj5fw
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RK50CWJ87C3PNCAHW8M5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jzcIlOyQTLGaCFSm-Gj5fw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
casale
match.adsrvr.org/track/cmf/ Frame 33A0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 33A0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y9wLyoymbtqZLuTnnu8t6wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB_0b9kBDle0vGJ8OYRXejo&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB_0b9kBDle0vGJ8OYRXejo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB_0b9kBDle0vGJ8OYRXejo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 33A0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y9wLyoymbtqZLuTnnu8t6wAAArkAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFEUWpUMFCdgSjhItXRbU6E&google_cver=1
43 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFEUWpUMFCdgSjhItXRbU6E&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsrbgA8VosssiQVmI5vz0vEQZ0lbo%2FzNglBgWu78CZeFe4HERBPAdYqWkWd82oEuEUtMCIdOH0%2BA0MtrmdxibKN8p2zzHzAio9dMq%2FzBxmm4ni2%2Bn0HotV6LikA1UgkG4g8iq3RrgC8twg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
79354152789415ec-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFEUWpUMFCdgSjhItXRbU6E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 33A0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9wLyoymbtqZLuTnnu8t6wAAArkAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9wLyoymbtqZLuTnnu8t6wAAArkAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9wLyoymbtqZLuTnnu8t6wAAArkAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VCKYJGATZSNZT62830NG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Q5WY7RQ446N1N7BM8H9B
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9wLyoymbtqZLuTnnu8t6wAAArkAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 33A0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=14ca63dc-0bcb-4d00-b55d-327ab5569635
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=14ca63dc-0bcb-4d00-b55d-327ab5569635
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 02 Feb 2023 19:15:22 GMT
Server
MT3 421 8749e8d master zrh-pixel-x8 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=14ca63dc-0bcb-4d00-b55d-327ab5569635
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 02 Feb 2023 19:15:21 GMT
demconf.jpg
dpm.demdex.net/ Frame 33A0
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y9wLyoymbtqZLuTnnu8t6wAA%26697?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y9wLyoymbtqZLuTnnu8t6wAA%26697
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y9wLyoymbtqZLuTnnu8t6wAA%26697
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
3.248.39.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-39-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-02fc48b13.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
SVNT8i4QSGQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v045-0826e4ce6.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
XcHcxv3YTGE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y9wLyoymbtqZLuTnnu8t6wAA%26697
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 33A0
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

date
Thu, 02 Feb 2023 19:15:22 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum-sec.casalemedia.com/ Frame 33A0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AANaYU7HuBgAAB9G0iX3zw&expiration=1676574922
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AANaYU7HuBgAAB9G0iX3zw&expiration=1676574922
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AANaYU7HuBgAAB9G0iX3zw&expiration=1676574922
Date
Thu, 02 Feb 2023 19:15:22 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 33A0 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y9wLyoymbtqZLuTnnu8t6wAA%26697
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:22 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
53475
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
793541527fb09912-ARN
content-length
43
expires
Fri, 03 Feb 2023 19:15:22 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9601 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 9601
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y9wLyqTeI5eU1jeEeS8DGAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB_0b9kBDle0vGJ8OYRXejo&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB_0b9kBDle0vGJ8OYRXejo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB_0b9kBDle0vGJ8OYRXejo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 9601
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9wLyqTeI5eU1jeEeS8DGAAAApsAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9wLyqTeI5eU1jeEeS8DGAAAApsAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9wLyqTeI5eU1jeEeS8DGAAAApsAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VXV913NSQ8TJB3V6XXTV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9ZCSVG06AHTJT4JVYCMR
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9wLyqTeI5eU1jeEeS8DGAAAApsAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 9601
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y9wLyqTeI5eU1jeEeS8DGAAAApsAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFEUWpUMFCdgSjhItXRbU6E&google_cver=1
43 B
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFEUWpUMFCdgSjhItXRbU6E&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqCnf1aLYDkSFhz3who1yo5CJfc7hSnLft6EsMaHYpOqrhVYbtZqXGVPDcSQcJa94Ycn8f9Vu5EWQPBfmwsbcDdM8BIdEHJ%2BWSNQAym76oqzA9vQ924IYnFXQXNQU56j6xFyQgzq1dT6JA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
79354152689115ec-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFEUWpUMFCdgSjhItXRbU6E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9601
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y9wLyqTeI5eU1jeEeS8DGAAA%26667
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=9b4e07c0-9eb7-44f2-9ce4-13fe385544a3-tuctad5914a
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=9b4e07c0-9eb7-44f2-9ce4-13fe385544a3-tuctad5914a
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=9b4e07c0-9eb7-44f2-9ce4-13fe385544a3-tuctad5914a
date
Thu, 02 Feb 2023 19:15:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
55127
Y9wLyqTeI5eU1jeEeS8DGAAAApsAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9601
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y9wLyqTeI5eU1jeEeS8DGAAAApsAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y9wLyqTeI5eU1jeEeS8DGAAAApsAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y9wLyqTeI5eU1jeEeS8DGAAAApsAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y9wLyqTeI5eU1jeEeS8DGAAAApsAAAIB
date
Thu, 02 Feb 2023 19:15:22 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame 9601
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1675451722
43 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1675451722
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpsn9RXrkdtY4syB2YMXyfF9xWUMNTjH5KQs8fLp%2F%2BVlu18KbGfhrZB%2BtqjcrCH3aFYnxyyQUmpxQ6sOzLfEKAS5J%2BPqfpnT6WMWDEzhYb0AEMzXnaFPSeD4PuYkg8xwXxOMeKVn"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
793541560e9509af-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1675451722
pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 9601
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=19e86ced-3438-4b1e-935c-e9bef0a99943
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=19e86ced-3438-4b1e-935c-e9bef0a99943
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=19e86ced-3438-4b1e-935c-e9bef0a99943
date
Thu, 02 Feb 2023 19:15:22 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame 9601 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y9wLyqTeI5eU1jeEeS8DGAAA%26667
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:22 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
53475
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
793541527fb19912-ARN
content-length
43
expires
Fri, 03 Feb 2023 19:15:22 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012301181928000/ Frame 82C3 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d8d078acb2e2069da9bad4650bc6ef0ade536a34984aa86ee5026f5163a030a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 02 Feb 2023 05:31:52 GMT
age
49410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61734
x-xss-protection
0
server
sffe
etag
"5b4f5406239652c8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 02 Feb 2024 05:31:52 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012301181928000/v0/ Frame 82C3 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc3b5bc58070e3c92bf7c79fd751863e0eb4a3021134454adee5b414cfe91468
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 02 Feb 2023 05:31:52 GMT
age
49410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5218
x-xss-protection
0
server
sffe
etag
"47662644ea8653a3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 02 Feb 2024 05:31:52 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012301181928000/v0/ Frame 82C3 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54d6fa3b653c5e16db5247062dfcf74cd3dab4d9fccc46b737fc2b84a9da798d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 02 Feb 2023 13:11:57 GMT
age
21805
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28817
x-xss-protection
0
server
sffe
etag
"6eb387830c268337"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 02 Feb 2024 13:11:57 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012301181928000/v0/ Frame 82C3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d266f653edab118f23d71f1e2d3726cbf2e8a82faa537dab3a7edd1896b4d495
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 02 Feb 2023 05:31:52 GMT
age
49410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1914
x-xss-protection
0
server
sffe
etag
"f13d3e1d36b26a3d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 02 Feb 2024 05:31:52 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012301181928000/v0/ Frame 82C3 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301181928000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e362728fd2d538ac44515898eedba531f5307b34a3085963bd613545e9885c5b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 02 Feb 2023 13:11:57 GMT
age
21805
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12960
x-xss-protection
0
server
sffe
etag
"f74ebce85e2cb18a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 02 Feb 2024 13:11:57 GMT
18444746348027653554
tpc.googlesyndication.com/daca_images/simgad/ Frame 82C3 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/18444746348027653554
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
922d909f24b185365a9d33a8cf8aea2fe72e1e9e323b07d71870a9fbba071ebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:27:59 GMT
x-content-type-options
nosniff
age
31643
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95258
x-xss-protection
0
last-modified
Thu, 26 Jan 2023 09:59:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 02 Feb 2024 10:27:59 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 82C3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 05:07:54 GMT
x-content-type-options
nosniff
server
cafe
age
50848
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Fri, 03 Feb 2023 05:07:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 82C3 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 09:50:10 GMT
x-content-type-options
nosniff
server
cafe
age
33912
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 03 Feb 2023 09:50:10 GMT
truncated
/ Frame 82C3 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
917049e488cd77e9ff3530f3d214b3000ce4e61f54c30aba378cd84c6e9ec098

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
l
www.google.com/ads/measurement/ Frame 82C3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5g-mOgyErRdqwzlB5QmR6YTEJlX3XJ4LnOtU4dNVYDCiBnynFjOKdIbM_NrZLyoGelpVz
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 82C3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_snKygvcY4-JDoK-9u8Pq-qd4AqrrsCqbr-D8Yr0ENvZHhABIM3P_R1g9wGgAcD83eECyAEC4AIAqAMByAMIqgS3Ak_QShz1uXYALAjmA54vksrxmGupBaeqIv4ypm2VAJuBG6qoNilGdxGlwNPu0fecq4tQgFKBsb-sVqmxxB6WR2I4gFD9DHZP1yy3EsH21ciNlmqHBXy3S_mRC-Z6R9tW3hoNRcLFPhi9Yo2c33oKuGzYf1IuaV5wkATcGBVoW7MZSK2k3e_yIX1rmN9X3gd8ubiqQz3oMTS9aknmNatHu42OrnsQHSRJkJytwxTLnzeh--mx0p-60gOWhpORWMi0sEOjhYEVlsfotzsN3APsDgSm22_gXWbMxdVDIyvtXxyAGb9UNG-gJct-mSU0joJFuXnh1G5k49IFT6gg1H0z6QSjQIbx9XLzokY1jNdyn080Swu8enVQ0V9TeYsVvy1wX7XF1RK7NX8Hikfnua8zp4CZcvgX_2QIwASqtaO-iATgBAGSBQQIBBgBkgUECAUYBKAGAoAHqIOingGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCUvRPSCBEIgOGAcBABGB0yAusCOgKAQIAKA8gLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi0wOTkzMDI1NjIzMTE2MzI1GLfBCA&sigh=yBLWHxNWUvo&uach_m=[UACH]&cid=CAQSOwDUE5ymKNIh_dU6cL8X9ZFtQdcnGNQMCbX4jjcMNMPr3ugY3NFbLm0UIqms7yUi1dV2qSKap4v_2PC1GAE
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6824 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChC5pA4YoffA3QEwAQ&v=APEucNWRfoIaZeWnX2XOL7eIoy8wMEhu_YeYl4Ym3lCkzPl8CTvR9xEL8tKJ8wwwf6nGsCJh3LKKQdErW5NcoJT8B-y7oS0kEPFqzyc0F6GiczCSQqcF5fsLOkDKCDhvLD135YQkmrML7xW25QyzKtSsVkkIC-ryjX38IYQGnnfVaSDe1VJP9xU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 19:15:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame CA3F 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 19:15:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/ Frame CA3F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 18:03:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
4329
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 18:03:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/ Frame CA3F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:37:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
16648
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 14:37:54 GMT
l
www.google.com/ads/measurement/ Frame CA3F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSs_9B-4buX3yi1IABVHYlra5CZmSnpD955a9UkfUMCXcO8IEBxs5QUqcG2gm93BFIR5qMAwdEL-0kvfLYy80Ljq9Ppvg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CA3F 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Feb 2023 19:15:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA3F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BFUO1LR-WqqwFvIR9wWgam2FvNBcReru2NKV-89oSLXwKIu-Beeta6N_HrS6Qw4JlmKokdpnQdBjkqp3GJvI82ZOs8ydCoj_WnJOOflb3MLcN5-bE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA3F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7480204375397119269&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
pagead2.googlesyndication.com/bg/ Frame AA61 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=466652548&adf=2529329910&w=336&fwrn=4&fwrnh=100&lmt=1675365320&rafmt=1&format=336x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365320312&bpp=4&bdt=874&idt=383&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MLjQwElv39&p=https%3A//9to5google.com&dtd=388
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 05:31:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
49434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14278
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Feb 2024 05:31:28 GMT
rum
dsum-sec.casalemedia.com/ Frame 6824
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_0b9kBDle0vGJ8OYRXejo&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_0b9kBDle0vGJ8OYRXejo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChC5pA4YoffA3QEwAQ&v=APEucNWRfoIaZeWnX2XOL7eIoy8wMEhu_YeYl4Ym3lCkzPl8CTvR9xEL8tKJ8wwwf6nGsCJh3LKKQdErW5NcoJT8B-y7oS0kEPFqzyc0F6GiczCSQqcF5fsLOkDKCDhvLD135YQkmrML7xW25QyzKtSsVkkIC-ryjX38IYQGnnfVaSDe1VJP9xU
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_0b9kBDle0vGJ8OYRXejo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6824
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9wLyoymbtqZLuTnnu8t6wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_0b9kBDle0vGJ8OYRXejo&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_0b9kBDle0vGJ8OYRXejo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChC5pA4YoffA3QEwAQ&v=APEucNWRfoIaZeWnX2XOL7eIoy8wMEhu_YeYl4Ym3lCkzPl8CTvR9xEL8tKJ8wwwf6nGsCJh3LKKQdErW5NcoJT8B-y7oS0kEPFqzyc0F6GiczCSQqcF5fsLOkDKCDhvLD135YQkmrML7xW25QyzKtSsVkkIC-ryjX38IYQGnnfVaSDe1VJP9xU
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_0b9kBDle0vGJ8OYRXejo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6824
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECGv9LHt-8IaoD4IlmVE-jM&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECGv9LHt-8IaoD4IlmVE-jM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChC5pA4YoffA3QEwAQ&v=APEucNWRfoIaZeWnX2XOL7eIoy8wMEhu_YeYl4Ym3lCkzPl8CTvR9xEL8tKJ8wwwf6nGsCJh3LKKQdErW5NcoJT8B-y7oS0kEPFqzyc0F6GiczCSQqcF5fsLOkDKCDhvLD135YQkmrML7xW25QyzKtSsVkkIC-ryjX38IYQGnnfVaSDe1VJP9xU
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:22 GMT
AN-X-Request-Uuid
74709228-d562-4a3c-89c3-0e1cfcc6e584
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
194.34.134.148; 194.34.134.148; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECGv9LHt-8IaoD4IlmVE-jM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6824
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyMDUyNjAyNjYzNjgxNTYxOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyMDUyNjAyNjYzNjgxNTYxOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChC5pA4YoffA3QEwAQ&v=APEucNWRfoIaZeWnX2XOL7eIoy8wMEhu_YeYl4Ym3lCkzPl8CTvR9xEL8tKJ8wwwf6nGsCJh3LKKQdErW5NcoJT8B-y7oS0kEPFqzyc0F6GiczCSQqcF5fsLOkDKCDhvLD135YQkmrML7xW25QyzKtSsVkkIC-ryjX38IYQGnnfVaSDe1VJP9xU
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 02 Feb 2023 19:15:22 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
194.34.134.148; 194.34.134.148; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
81803ad2-8f00-4dae-9901-0c7d2dbd1936
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyMDUyNjAyNjYzNjgxNTYxOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA3F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=63735465234&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA3F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=63735465234&version=m202301230201&ct=76&x=1&cor=7480204375397119000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame CA3F 		82 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B61nwzmcdswCZF6glG7q2Kq5uzG1qeoq2MoKXoL8Ef9__KOfuZsszMqeiL0kkS5wkT-xF9UEGnDupVZhsg8eDPV9Z4Jw&cry=1&dbm_d=AKAmf-AvMkoT4WKLtV80rHsr9Dyxw3QGt_WRnuijW46-Tsf8jvZIB1kYvQg9zLtmDUT6cxHKDavusDMM30_1bbxBIiVERV5zlT-g5pD4c32LqkQ8yt3-Ft0D_B4iIzv-WbltU9lg43nyqXSXnfCv6rqyG9PrTt1otCDEYbf5z3xvwKopcP9pAUNdSSwMgBdMNg5Yh-XSLaeBsNuAk_O7IdBp-NDo_f31lEaHzpCPiuaBzCbI-9eK7J9-XRE9hpYCITwo29oVazE0tL6B8j_HxQmxHl8Gv7OyARdwpYiCzIhPkQLF8BURcDv6vS2vTen0H8hVAjs80d7MMaljeAb4liS5rkoR6WBm6VJJEVPptluD01ovDWu8MYYqPnl3WKUBk9AzlF54MecbrHzIHHem7pSXO0v4OEZJ6kGyNdgsm5vuFS5dpd4VtjD1YiHRXrFAdFuHQThgTDiYH5eORFYJbxm5K_w5MGVeuoSR4_KagT30MQLnBdShFwWH2lUieJAoTp2on7YoMKn9FfzF60V5_ohqGC9dlJW1OU-UHIZklS24G4KOrswIYAJiyajduiT6qbWXaX6-WLevBUEXGNgkBklcRxxKNKqW0iAFWt7TyPAlCAyWNvvLPYfoLmL6OHxoiIw-57f6jBBSflHh_g134gdEjH3oEsxg8rcPSYYmI9mHzYwSPetzJUOqUAYIzPw3NysG6mTTKGYEa2ppPmWQ_STlhypOzjWN09plqJGt7QuZBn1BSa0wwsZez7yLRFoedF1tuE2cMUOQRRitgnEka8d_YOWcktRqVT0b2ff0q3DqPHX91ZTTc0yawhfsyA3spaMh4q5IY_0PtxICvPKQnU88jVEbq7226ol98LcIMEL9q2CLTRzyIkJCESn1QZaRQbFXcNk2gtNuz-mg71Q5kuy7iCSzIJSyNuh86EmrywDQCoZK6sUiHkjXTCRV_LXLAWjOzX_VDbhJupxA5H_DmCRxtW2OGG8vwoHg2qBYMwXnOEcpzyEfsWIkiANnQ-muCxLqJmTSheSf_xQJdyLq_h2hejihQpeCPTraREhTVcxQIMgjnwLwS8MeCYvXrdXpKN6orej_Z02dh8bRemyblu1NIMTa7bFuYdXbDsMcnFfA9nBevnKBz6eSbQ1Ds9s95wyQMHsH3UjEy79nsUEZr9UvsFcthXFFrSF3sivNr1AKcuZEDp2vV7fu9mVAwIiUcqXeFFROuMN7Ob1a3IrpX6n2h3ZCDpvT7ITWMthCC4wKOxWddlJJTnzu-242S2Yps04Ysxl1m0FNV6fHccu_iZSawOhCysdlb4-96A1jcv413X3TiMV3xbMql1wWR_DnJ0LgGCIK3M7KUwGp1im4sb1-yJQB_yEk901cbREOnz8U1vA-NZ-1XeI-WNqe3F_Z4neHPIQQHDsGmaBR4KIcboHvix5J8JiSvHE-Cejke_yhLPQtn_ifOCM66WRAwMpk0u28_l9WoRq6e1vDlevnV9u3wmHIF0byD0i2d2BS_ldelDo5_e5Kuj8bxb0jedj6vFqt3iupA8JK71P1Au7oY4o0XGMneaie7w8E5AFKvdqInaFl4nejM7-LBVPMXRGy5wJBcn_JUc9fXXqH6mEP0Uw2ExsbFWP5AxDMl62P82IqpyibI1v1v33V9pXRar1KYBOc-nfHYR_IVbtBtGojHTdvIldDoIZF_CnWQMLicalSc1Ta-Xso2E1LAIOL3Zb0AN4gW2fVoMlbRJaPN2z73i0nZldeWfDTmx66n_kvwe9EB1Ylni7xU26hFj5IjuHOStPEcf6UM82h3HVSoHsbLxLoKauUFSOXljzBfD2GoqnAT6v2GM8JHn-nZD3-Uyhlm6cvxDN5cC9QQsURy0CRF33MZKjDKTlAsuqQ_2HtZYoMD2vQfo1vcIp_Ei5dFRSF0B5yWcvmmkPtHHbcNt96oTCjngyKZ6jkrjLObpqPiXS8NSohicgxu5h4wGTpj3LXfbiiGBCkIIDpurz8xCGbCi7pjE_WEmeC351nc5Rl1HP2SmWKKb_gaMdk2mYfxxYj_K4JpHOSx2UC2ctF_TWjwLByxk3wwB5LHuPiBBSY0sSuULZME7-FtwBqSFD4TYtcVRyfUN872ng0BtuQMu53RL4WGHgOu4sMaWV96IIwW9v_n_jngped_wAyvAIDSqdaaWb5LkZLh_F3o0ARJdhc4vAiLn7YlYwt5aAD8CtCmw4dAoTYd0MyXuV4LjVOModnjdUVW9o-f684sTzOi_F2FB8DnJiqEaswxLlQGe3pFkY1Ij-jXzF8XAhMTP3h0aVETcct3VmnTTGey9DfFQA02nHHXgIpPw9a5p4JMOQrlmU1GHqFutfPmGjS14HeQ778_zM1VY0ycKX53YeToQMaNCJJZu74znn9ef7wpXW3yMEtQDox3fQxYfejoP-f42mWYpRM_dyiJEOe-M3X0GgjEEnGm6FYdLR9HjY7NKjcf5eYZzsC4hYy1KtwGDJWig6ODOVd2Yi8KD0IQYMPbU_7y6f5_8Foz4gYh9yxSbfF4dO8KqkAXc6LebTYsoNE7A12OxDFt4hGggnGRe5As702EIpxnoM5vPAr8UGc43OZpMVEcdMHmHE-PqPKFFc54sPaYxyIYjzqeUl7jaeul8uWTmidCrG3wTQ9kidlwdMwIHXB7UqKxmkQTC1TJ7rmWfcGPjowfoyxVIQKfSR35IuC6g_sZcjyqHtCmVjn9xf4UrgLoxNq3tcJ0pMulAipZWo5U2rYvwjBf741VkH8mk8-I8KamKduOg3rKThgC6VdQLzZPOAfey8pStNudoJYwpwUup5CuNfwW-b4fwKTQlKrAJ29yRsU3GR7lNGMCi4eHSCpe11YU5CNWxvuII8F5AwsIsWx-takUTFwuLiA0X8DY_yHOJ44kSU1PR4hLo35q8H9s3Efg39781NNClnnyQCmU6CrIsTZljBDKseE38FIuQGf23u7pcaOAZOTyNCcurK_ASblVmU2VmrSB-YIdk8xbHEzqsZHHUwf-O8YRsPfLyCWYKr50TeVbc5WC2zEy4Q5kJo0Zd_2oS4dNEWKk4NddU8eS0ISbzBlev20qfdg1ZwQzFoj8VPhqbbyczdlOfMiHfktgJ5kcyi45cUpdobK4XgsRRLOGUZmSSOFRa_oOqRixKHxU32HxbBQYkgm_qvKsYjEVdIXwYcMdE98wBvMea1IyY4MbYaiKc3H7IZtzr-4wSNUaDPV5RG1qSKeBFIkFoatKTkZ_TV_yMTuO5V3JVPLKly3QpXOE1JCKqVgxvGwcH8eY1aRl-Wl90QSdPzH91Mmsv98jLMe2AlkXgwi23UtVBH0hHykmOzSOWx8lzn3YZVN4GvkD6kdHsLKzhHxxxoMoEwBeYBBPXZBuzpDaz19uYBHI_mkeK-ndjoLxZ4yY8puzTyaj1oH4_AvXKuE9yqg5LdvLb8&cid=CAQSOwDUE5ymb4HhibmxDj8ZZxcoMz-5k-idcg9l5WzeAy1CGSyEnvjsLsGVQxM-uVPxW-_w9vIXcmaQ7oOtGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2F9to5google.com%2F&ds=l&xdt=1&iif=1&cor=7480204375397119000&adk=1877897943&idt=194&cac=0&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d664a7e9ee2cbfdc6bfa6aab83535436d56886fd2f73080f82c88143ac4e9605
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35105
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame E87B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H3
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

date
Thu, 02 Feb 2023 19:15:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 82C3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H3
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

date
Thu, 02 Feb 2023 19:15:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame CA3F 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 23:10:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72275
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 02 Feb 2023 23:10:48 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230131/r20110914/elements/html/ Frame CA3F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230131/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B61nwzmcdswCZF6glG7q2Kq5uzG1qeoq2MoKXoL8Ef9__KOfuZsszMqeiL0kkS5wkT-xF9UEGnDupVZhsg8eDPV9Z4Jw&cry=1&dbm_d=AKAmf-AvMkoT4WKLtV80rHsr9Dyxw3QGt_WRnuijW46-Tsf8jvZIB1kYvQg9zLtmDUT6cxHKDavusDMM30_1bbxBIiVERV5zlT-g5pD4c32LqkQ8yt3-Ft0D_B4iIzv-WbltU9lg43nyqXSXnfCv6rqyG9PrTt1otCDEYbf5z3xvwKopcP9pAUNdSSwMgBdMNg5Yh-XSLaeBsNuAk_O7IdBp-NDo_f31lEaHzpCPiuaBzCbI-9eK7J9-XRE9hpYCITwo29oVazE0tL6B8j_HxQmxHl8Gv7OyARdwpYiCzIhPkQLF8BURcDv6vS2vTen0H8hVAjs80d7MMaljeAb4liS5rkoR6WBm6VJJEVPptluD01ovDWu8MYYqPnl3WKUBk9AzlF54MecbrHzIHHem7pSXO0v4OEZJ6kGyNdgsm5vuFS5dpd4VtjD1YiHRXrFAdFuHQThgTDiYH5eORFYJbxm5K_w5MGVeuoSR4_KagT30MQLnBdShFwWH2lUieJAoTp2on7YoMKn9FfzF60V5_ohqGC9dlJW1OU-UHIZklS24G4KOrswIYAJiyajduiT6qbWXaX6-WLevBUEXGNgkBklcRxxKNKqW0iAFWt7TyPAlCAyWNvvLPYfoLmL6OHxoiIw-57f6jBBSflHh_g134gdEjH3oEsxg8rcPSYYmI9mHzYwSPetzJUOqUAYIzPw3NysG6mTTKGYEa2ppPmWQ_STlhypOzjWN09plqJGt7QuZBn1BSa0wwsZez7yLRFoedF1tuE2cMUOQRRitgnEka8d_YOWcktRqVT0b2ff0q3DqPHX91ZTTc0yawhfsyA3spaMh4q5IY_0PtxICvPKQnU88jVEbq7226ol98LcIMEL9q2CLTRzyIkJCESn1QZaRQbFXcNk2gtNuz-mg71Q5kuy7iCSzIJSyNuh86EmrywDQCoZK6sUiHkjXTCRV_LXLAWjOzX_VDbhJupxA5H_DmCRxtW2OGG8vwoHg2qBYMwXnOEcpzyEfsWIkiANnQ-muCxLqJmTSheSf_xQJdyLq_h2hejihQpeCPTraREhTVcxQIMgjnwLwS8MeCYvXrdXpKN6orej_Z02dh8bRemyblu1NIMTa7bFuYdXbDsMcnFfA9nBevnKBz6eSbQ1Ds9s95wyQMHsH3UjEy79nsUEZr9UvsFcthXFFrSF3sivNr1AKcuZEDp2vV7fu9mVAwIiUcqXeFFROuMN7Ob1a3IrpX6n2h3ZCDpvT7ITWMthCC4wKOxWddlJJTnzu-242S2Yps04Ysxl1m0FNV6fHccu_iZSawOhCysdlb4-96A1jcv413X3TiMV3xbMql1wWR_DnJ0LgGCIK3M7KUwGp1im4sb1-yJQB_yEk901cbREOnz8U1vA-NZ-1XeI-WNqe3F_Z4neHPIQQHDsGmaBR4KIcboHvix5J8JiSvHE-Cejke_yhLPQtn_ifOCM66WRAwMpk0u28_l9WoRq6e1vDlevnV9u3wmHIF0byD0i2d2BS_ldelDo5_e5Kuj8bxb0jedj6vFqt3iupA8JK71P1Au7oY4o0XGMneaie7w8E5AFKvdqInaFl4nejM7-LBVPMXRGy5wJBcn_JUc9fXXqH6mEP0Uw2ExsbFWP5AxDMl62P82IqpyibI1v1v33V9pXRar1KYBOc-nfHYR_IVbtBtGojHTdvIldDoIZF_CnWQMLicalSc1Ta-Xso2E1LAIOL3Zb0AN4gW2fVoMlbRJaPN2z73i0nZldeWfDTmx66n_kvwe9EB1Ylni7xU26hFj5IjuHOStPEcf6UM82h3HVSoHsbLxLoKauUFSOXljzBfD2GoqnAT6v2GM8JHn-nZD3-Uyhlm6cvxDN5cC9QQsURy0CRF33MZKjDKTlAsuqQ_2HtZYoMD2vQfo1vcIp_Ei5dFRSF0B5yWcvmmkPtHHbcNt96oTCjngyKZ6jkrjLObpqPiXS8NSohicgxu5h4wGTpj3LXfbiiGBCkIIDpurz8xCGbCi7pjE_WEmeC351nc5Rl1HP2SmWKKb_gaMdk2mYfxxYj_K4JpHOSx2UC2ctF_TWjwLByxk3wwB5LHuPiBBSY0sSuULZME7-FtwBqSFD4TYtcVRyfUN872ng0BtuQMu53RL4WGHgOu4sMaWV96IIwW9v_n_jngped_wAyvAIDSqdaaWb5LkZLh_F3o0ARJdhc4vAiLn7YlYwt5aAD8CtCmw4dAoTYd0MyXuV4LjVOModnjdUVW9o-f684sTzOi_F2FB8DnJiqEaswxLlQGe3pFkY1Ij-jXzF8XAhMTP3h0aVETcct3VmnTTGey9DfFQA02nHHXgIpPw9a5p4JMOQrlmU1GHqFutfPmGjS14HeQ778_zM1VY0ycKX53YeToQMaNCJJZu74znn9ef7wpXW3yMEtQDox3fQxYfejoP-f42mWYpRM_dyiJEOe-M3X0GgjEEnGm6FYdLR9HjY7NKjcf5eYZzsC4hYy1KtwGDJWig6ODOVd2Yi8KD0IQYMPbU_7y6f5_8Foz4gYh9yxSbfF4dO8KqkAXc6LebTYsoNE7A12OxDFt4hGggnGRe5As702EIpxnoM5vPAr8UGc43OZpMVEcdMHmHE-PqPKFFc54sPaYxyIYjzqeUl7jaeul8uWTmidCrG3wTQ9kidlwdMwIHXB7UqKxmkQTC1TJ7rmWfcGPjowfoyxVIQKfSR35IuC6g_sZcjyqHtCmVjn9xf4UrgLoxNq3tcJ0pMulAipZWo5U2rYvwjBf741VkH8mk8-I8KamKduOg3rKThgC6VdQLzZPOAfey8pStNudoJYwpwUup5CuNfwW-b4fwKTQlKrAJ29yRsU3GR7lNGMCi4eHSCpe11YU5CNWxvuII8F5AwsIsWx-takUTFwuLiA0X8DY_yHOJ44kSU1PR4hLo35q8H9s3Efg39781NNClnnyQCmU6CrIsTZljBDKseE38FIuQGf23u7pcaOAZOTyNCcurK_ASblVmU2VmrSB-YIdk8xbHEzqsZHHUwf-O8YRsPfLyCWYKr50TeVbc5WC2zEy4Q5kJo0Zd_2oS4dNEWKk4NddU8eS0ISbzBlev20qfdg1ZwQzFoj8VPhqbbyczdlOfMiHfktgJ5kcyi45cUpdobK4XgsRRLOGUZmSSOFRa_oOqRixKHxU32HxbBQYkgm_qvKsYjEVdIXwYcMdE98wBvMea1IyY4MbYaiKc3H7IZtzr-4wSNUaDPV5RG1qSKeBFIkFoatKTkZ_TV_yMTuO5V3JVPLKly3QpXOE1JCKqVgxvGwcH8eY1aRl-Wl90QSdPzH91Mmsv98jLMe2AlkXgwi23UtVBH0hHykmOzSOWx8lzn3YZVN4GvkD6kdHsLKzhHxxxoMoEwBeYBBPXZBuzpDaz19uYBHI_mkeK-ndjoLxZ4yY8puzTyaj1oH4_AvXKuE9yqg5LdvLb8&cid=CAQSOwDUE5ymb4HhibmxDj8ZZxcoMz-5k-idcg9l5WzeAy1CGSyEnvjsLsGVQxM-uVPxW-_w9vIXcmaQ7oOtGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2F9to5google.com%2F&ds=l&xdt=1&iif=1&cor=7480204375397119000&adk=1877897943&idt=194&cac=0&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 22:14:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
75631
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Feb 2023 22:14:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230131/r20110914/ Frame CA3F 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230131/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B61nwzmcdswCZF6glG7q2Kq5uzG1qeoq2MoKXoL8Ef9__KOfuZsszMqeiL0kkS5wkT-xF9UEGnDupVZhsg8eDPV9Z4Jw&cry=1&dbm_d=AKAmf-AvMkoT4WKLtV80rHsr9Dyxw3QGt_WRnuijW46-Tsf8jvZIB1kYvQg9zLtmDUT6cxHKDavusDMM30_1bbxBIiVERV5zlT-g5pD4c32LqkQ8yt3-Ft0D_B4iIzv-WbltU9lg43nyqXSXnfCv6rqyG9PrTt1otCDEYbf5z3xvwKopcP9pAUNdSSwMgBdMNg5Yh-XSLaeBsNuAk_O7IdBp-NDo_f31lEaHzpCPiuaBzCbI-9eK7J9-XRE9hpYCITwo29oVazE0tL6B8j_HxQmxHl8Gv7OyARdwpYiCzIhPkQLF8BURcDv6vS2vTen0H8hVAjs80d7MMaljeAb4liS5rkoR6WBm6VJJEVPptluD01ovDWu8MYYqPnl3WKUBk9AzlF54MecbrHzIHHem7pSXO0v4OEZJ6kGyNdgsm5vuFS5dpd4VtjD1YiHRXrFAdFuHQThgTDiYH5eORFYJbxm5K_w5MGVeuoSR4_KagT30MQLnBdShFwWH2lUieJAoTp2on7YoMKn9FfzF60V5_ohqGC9dlJW1OU-UHIZklS24G4KOrswIYAJiyajduiT6qbWXaX6-WLevBUEXGNgkBklcRxxKNKqW0iAFWt7TyPAlCAyWNvvLPYfoLmL6OHxoiIw-57f6jBBSflHh_g134gdEjH3oEsxg8rcPSYYmI9mHzYwSPetzJUOqUAYIzPw3NysG6mTTKGYEa2ppPmWQ_STlhypOzjWN09plqJGt7QuZBn1BSa0wwsZez7yLRFoedF1tuE2cMUOQRRitgnEka8d_YOWcktRqVT0b2ff0q3DqPHX91ZTTc0yawhfsyA3spaMh4q5IY_0PtxICvPKQnU88jVEbq7226ol98LcIMEL9q2CLTRzyIkJCESn1QZaRQbFXcNk2gtNuz-mg71Q5kuy7iCSzIJSyNuh86EmrywDQCoZK6sUiHkjXTCRV_LXLAWjOzX_VDbhJupxA5H_DmCRxtW2OGG8vwoHg2qBYMwXnOEcpzyEfsWIkiANnQ-muCxLqJmTSheSf_xQJdyLq_h2hejihQpeCPTraREhTVcxQIMgjnwLwS8MeCYvXrdXpKN6orej_Z02dh8bRemyblu1NIMTa7bFuYdXbDsMcnFfA9nBevnKBz6eSbQ1Ds9s95wyQMHsH3UjEy79nsUEZr9UvsFcthXFFrSF3sivNr1AKcuZEDp2vV7fu9mVAwIiUcqXeFFROuMN7Ob1a3IrpX6n2h3ZCDpvT7ITWMthCC4wKOxWddlJJTnzu-242S2Yps04Ysxl1m0FNV6fHccu_iZSawOhCysdlb4-96A1jcv413X3TiMV3xbMql1wWR_DnJ0LgGCIK3M7KUwGp1im4sb1-yJQB_yEk901cbREOnz8U1vA-NZ-1XeI-WNqe3F_Z4neHPIQQHDsGmaBR4KIcboHvix5J8JiSvHE-Cejke_yhLPQtn_ifOCM66WRAwMpk0u28_l9WoRq6e1vDlevnV9u3wmHIF0byD0i2d2BS_ldelDo5_e5Kuj8bxb0jedj6vFqt3iupA8JK71P1Au7oY4o0XGMneaie7w8E5AFKvdqInaFl4nejM7-LBVPMXRGy5wJBcn_JUc9fXXqH6mEP0Uw2ExsbFWP5AxDMl62P82IqpyibI1v1v33V9pXRar1KYBOc-nfHYR_IVbtBtGojHTdvIldDoIZF_CnWQMLicalSc1Ta-Xso2E1LAIOL3Zb0AN4gW2fVoMlbRJaPN2z73i0nZldeWfDTmx66n_kvwe9EB1Ylni7xU26hFj5IjuHOStPEcf6UM82h3HVSoHsbLxLoKauUFSOXljzBfD2GoqnAT6v2GM8JHn-nZD3-Uyhlm6cvxDN5cC9QQsURy0CRF33MZKjDKTlAsuqQ_2HtZYoMD2vQfo1vcIp_Ei5dFRSF0B5yWcvmmkPtHHbcNt96oTCjngyKZ6jkrjLObpqPiXS8NSohicgxu5h4wGTpj3LXfbiiGBCkIIDpurz8xCGbCi7pjE_WEmeC351nc5Rl1HP2SmWKKb_gaMdk2mYfxxYj_K4JpHOSx2UC2ctF_TWjwLByxk3wwB5LHuPiBBSY0sSuULZME7-FtwBqSFD4TYtcVRyfUN872ng0BtuQMu53RL4WGHgOu4sMaWV96IIwW9v_n_jngped_wAyvAIDSqdaaWb5LkZLh_F3o0ARJdhc4vAiLn7YlYwt5aAD8CtCmw4dAoTYd0MyXuV4LjVOModnjdUVW9o-f684sTzOi_F2FB8DnJiqEaswxLlQGe3pFkY1Ij-jXzF8XAhMTP3h0aVETcct3VmnTTGey9DfFQA02nHHXgIpPw9a5p4JMOQrlmU1GHqFutfPmGjS14HeQ778_zM1VY0ycKX53YeToQMaNCJJZu74znn9ef7wpXW3yMEtQDox3fQxYfejoP-f42mWYpRM_dyiJEOe-M3X0GgjEEnGm6FYdLR9HjY7NKjcf5eYZzsC4hYy1KtwGDJWig6ODOVd2Yi8KD0IQYMPbU_7y6f5_8Foz4gYh9yxSbfF4dO8KqkAXc6LebTYsoNE7A12OxDFt4hGggnGRe5As702EIpxnoM5vPAr8UGc43OZpMVEcdMHmHE-PqPKFFc54sPaYxyIYjzqeUl7jaeul8uWTmidCrG3wTQ9kidlwdMwIHXB7UqKxmkQTC1TJ7rmWfcGPjowfoyxVIQKfSR35IuC6g_sZcjyqHtCmVjn9xf4UrgLoxNq3tcJ0pMulAipZWo5U2rYvwjBf741VkH8mk8-I8KamKduOg3rKThgC6VdQLzZPOAfey8pStNudoJYwpwUup5CuNfwW-b4fwKTQlKrAJ29yRsU3GR7lNGMCi4eHSCpe11YU5CNWxvuII8F5AwsIsWx-takUTFwuLiA0X8DY_yHOJ44kSU1PR4hLo35q8H9s3Efg39781NNClnnyQCmU6CrIsTZljBDKseE38FIuQGf23u7pcaOAZOTyNCcurK_ASblVmU2VmrSB-YIdk8xbHEzqsZHHUwf-O8YRsPfLyCWYKr50TeVbc5WC2zEy4Q5kJo0Zd_2oS4dNEWKk4NddU8eS0ISbzBlev20qfdg1ZwQzFoj8VPhqbbyczdlOfMiHfktgJ5kcyi45cUpdobK4XgsRRLOGUZmSSOFRa_oOqRixKHxU32HxbBQYkgm_qvKsYjEVdIXwYcMdE98wBvMea1IyY4MbYaiKc3H7IZtzr-4wSNUaDPV5RG1qSKeBFIkFoatKTkZ_TV_yMTuO5V3JVPLKly3QpXOE1JCKqVgxvGwcH8eY1aRl-Wl90QSdPzH91Mmsv98jLMe2AlkXgwi23UtVBH0hHykmOzSOWx8lzn3YZVN4GvkD6kdHsLKzhHxxxoMoEwBeYBBPXZBuzpDaz19uYBHI_mkeK-ndjoLxZ4yY8puzTyaj1oH4_AvXKuE9yqg5LdvLb8&cid=CAQSOwDUE5ymb4HhibmxDj8ZZxcoMz-5k-idcg9l5WzeAy1CGSyEnvjsLsGVQxM-uVPxW-_w9vIXcmaQ7oOtGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2F9to5google.com%2F&ds=l&xdt=1&iif=1&cor=7480204375397119000&adk=1877897943&idt=194&cac=0&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 22:20:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
75298
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10940
x-xss-protection
0
server
cafe
etag
260008737171085554
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Feb 2023 22:20:25 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CA3F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 18:26:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2918
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 18:26:45 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 90BB 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

age
46880
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 06:14:03 GMT
etag
48472445140208031
expires
Fri, 03 Feb 2023 06:14:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame CA3F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
084f0e37abd4b42938b4a90d2fe4680849fe27e414dfcb985e35dc111825ce5c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 85C7 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
age
349768
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 29 Jan 2023 18:05:55 GMT
expires
Mon, 29 Jan 2024 18:05:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 90BB 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEErux97vEWg7_fJgjZ83N28&google_cver=1&google_push=Aa02lx-ad3UCdCkMVItXUhJ297uJnHtfrbSOEU8UckQax20kD4UMqNmjBaS1YyMUIS49jTPSN-zXlKmOJ6pL_rGqZcycmfjDT7uOxA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:23 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 90BB
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDpMnwegEaohHsnEHYAAhWs&google_cver=1&google_push=Aa02lx_12htzLWJTt4NEIMSL7nbW79tt2SlCvslToLcdESD0lH9JJDZojlw-pAJWEwRlKU0rHRx...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEROSDk3TDctMU4tM0ZISw==&google_push=Aa02lx_12htzLWJTt4NEIMSL7nbW79tt2SlCvslToLcdESD0lH9JJDZojlw-pAJWEwRlKU0rHRxKR1_FwJOrMAD0cZA2elxfNfbFkA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEROSDk3TDctMU4tM0ZISw==&google_push=Aa02lx_12htzLWJTt4NEIMSL7nbW79tt2SlCvslToLcdESD0lH9JJDZojlw-pAJWEwRlKU0rHRxKR1_FwJOrMAD0cZA2elxfNfbFkA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEROSDk3TDctMU4tM0ZISw==&google_push=Aa02lx_12htzLWJTt4NEIMSL7nbW79tt2SlCvslToLcdESD0lH9JJDZojlw-pAJWEwRlKU0rHRxKR1_FwJOrMAD0cZA2elxfNfbFkA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame 90BB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECJtboIVgce74VUyL7Q_TpA&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECJtboIVgce74VUyL7Q_TpA&google_hm=Y9wLyqTeI5eU1jeEeS8DGAAAApsAAAIB&google_nid=index&google_push=Aa02lx_93euSYirkgmtZ2oX1dN5GiJOvDDe6k...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECJtboIVgce74VUyL7Q_TpA&google_hm=Y9wLyqTeI5eU1jeEeS8DGAAAApsAAAIB&google_nid=index&google_push=Aa02lx_93euSYirkgmtZ2oX1dN5GiJOvDDe6kQXJ-BFi4dOCqB4mPatJ4lbvHcCEuw0GMB5Gz_FYgbsZxWMfGAaB-UlkN-HgCqrDdQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgXvAGGkaZqw4txudZs6E62MP22A%2BJOmLYhGMS%2F%2BCahNPN7WBz57eC%2BRYD1PLRK3ltQVXkXKtP%2B4Q%2F7ypuSvTT8ysqCuA6KBC4k8f5F6Rl33bVjrVwvN7CJSuaVOzHALDhkN9ZqhFKCWyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECJtboIVgce74VUyL7Q_TpA&google_hm=Y9wLyqTeI5eU1jeEeS8DGAAAApsAAAIB&google_nid=index&google_push=Aa02lx_93euSYirkgmtZ2oX1dN5GiJOvDDe6kQXJ-BFi4dOCqB4mPatJ4lbvHcCEuw0GMB5Gz_FYgbsZxWMfGAaB-UlkN-HgCqrDdQ
cache-control
no-cache
cf-ray
793541562ab815ec-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 90BB
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEP2wi8jmFdEQWB4QhObuPSo&google_cver=1&google_push=Aa02lx_ZQM6HGmgIWWYM7qu1tVY_HF2zrNUr5YEhM2At8yaPRgJH8WGVP1CwfQYLWBnwh3cPVW94LkO74_U4Aelt...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_ZQM6HGmgIWWYM7qu1tVY_HF2zrNUr5YEhM2At8yaPRgJH8WGVP1CwfQYLWBnwh3cPVW94LkO74_U4Aelt95H49ZBaTV09aQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_ZQM6HGmgIWWYM7qu1tVY_HF2zrNUr5YEhM2At8yaPRgJH8WGVP1CwfQYLWBnwh3cPVW94LkO74_U4Aelt95H49ZBaTV09aQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 02 Feb 2023 19:15:23 GMT
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_ZQM6HGmgIWWYM7qu1tVY_HF2zrNUr5YEhM2At8yaPRgJH8WGVP1CwfQYLWBnwh3cPVW94LkO74_U4Aelt95H49ZBaTV09aQ
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
d4mZFQI8Xr1k0YCNieLjaguK7VG6bAdb-jI8NJNDYhV7lW0Ypm5iZg==
pixel
cm.g.doubleclick.net/ Frame 90BB
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBsG-W1dMQraEL4S209eF-s&google_cver=1&google_push=Aa02lx-GCG-xnKF2T5Vq7SaVX1r6D3GMsHU7Hg36np-y19WHi9lY2EUlpTn50Lo-0ldWATMYU0xSotG-HXJB...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-GCG-xnKF2T5Vq7SaVX1r6D3GMsHU7Hg36np-y19WHi9lY2EUlpTn50Lo-0ldWATMYU0xSotG-HXJB8LV7oNsM8WmE2jjZhQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-GCG-xnKF2T5Vq7SaVX1r6D3GMsHU7Hg36np-y19WHi9lY2EUlpTn50Lo-0ldWATMYU0xSotG-HXJB8LV7oNsM8WmE2jjZhQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-GCG-xnKF2T5Vq7SaVX1r6D3GMsHU7Hg36np-y19WHi9lY2EUlpTn50Lo-0ldWATMYU0xSotG-HXJB8LV7oNsM8WmE2jjZhQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 90BB
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESENyPi0nIfkqHZA5eAL8qi-w&google_cver=1&google_push=Aa02lx-rsgOEYGOYh8Rzo7Ey1ZX2EgggvLEGTY8jx001PA2XCit96CqgkxNXr_w2reJBvAEsX7NWKw51baxsKwefktaEjd...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENyPi0nIfkqHZA5eAL8qi-w&google_cver=1&google_push=Aa02lx-rsgOEYGOYh8Rzo7Ey1ZX2EgggvLEGTY8jx001PA2XCit96CqgkxNXr_w2reJBvAEsX7NWKw51baxsKwef...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=88GiOrVXT-SyVk8INxZYQQ&google_push=Aa02lx-rsgOEYGOYh8Rzo7Ey1ZX2EgggvLEGTY8jx001PA2XCit96CqgkxNXr_w2reJBvAEsX7NWKw51baxsKwe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=88GiOrVXT-SyVk8INxZYQQ&google_push=Aa02lx-rsgOEYGOYh8Rzo7Ey1ZX2EgggvLEGTY8jx001PA2XCit96CqgkxNXr_w2reJBvAEsX7NWKw51baxsKwefktaEjdloUrtA4A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=88GiOrVXT-SyVk8INxZYQQ&google_push=Aa02lx-rsgOEYGOYh8Rzo7Ey1ZX2EgggvLEGTY8jx001PA2XCit96CqgkxNXr_w2reJBvAEsX7NWKw51baxsKwefktaEjdloUrtA4A
access-control-allow-origin
*
date
Thu, 02 Feb 2023 19:15:23 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 90BB
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELAGC49bhrKaIYK3k9B2WSk&google_cver=1&google_push=Aa02lx8jQ1BLukEZu...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDMyMDUyNjAyNjYzNjgxNTYxOQ%3D%3D&google_gid=CAESELAGC49bhrKaIYK3k9B2WSk&google_cver=1&google_push=Aa02lx8jQ1BLukEZuz2bLePdbcgTOMJ8fS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDMyMDUyNjAyNjYzNjgxNTYxOQ%3D%3D&google_gid=CAESELAGC49bhrKaIYK3k9B2WSk&google_cver=1&google_push=Aa02lx8jQ1BLukEZuz2bLePdbcgTOMJ8fSbRLZsu6v-YKUba5tnHiD7MP-9pOCNXEsHsOO7WzbHDbGBu_QLo713MwZX94piIowVmnQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 02 Feb 2023 19:15:23 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
194.34.134.148; 194.34.134.148; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
46b75374-41ff-4df1-893b-5f71436e3a43
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDMyMDUyNjAyNjYzNjgxNTYxOQ%3D%3D&google_gid=CAESELAGC49bhrKaIYK3k9B2WSk&google_cver=1&google_push=Aa02lx8jQ1BLukEZuz2bLePdbcgTOMJ8fSbRLZsu6v-YKUba5tnHiD7MP-9pOCNXEsHsOO7WzbHDbGBu_QLo713MwZX94piIowVmnQ
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 90BB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Km7BHLsSFeZhb5beK4jU_8T5nMS5vSBAyqkPoiAM0WsitTx2bNulXc3P2DfdqFB38QpE9LVA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/18195187998165275087/ Frame 8CF8 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18195187998165275087/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ee6998cd72913d2c7441cd562425c6a9d831c15469aeab2272426dd320a4a98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
534658
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2718
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Jan 2023 14:44:25 GMT
expires
Sat, 27 Jan 2024 14:44:25 GMT
last-modified
Thu, 29 Dec 2022 13:37:07 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame CA3F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuGcLvFSPnUD8YFafbFU3SmuazwxCRnvM58BKQ1Bb7pDgHA1ljUmxvJ-GcX8jkk7VCiuIAmnKhaqcgC9rqA3x1Q1bzrCnUJev0w5S0605OjU0RYJFFyftTIJiIvBLrqj_kzjF4VcNLFV583WYs0nhftkHh0zCXb2m6MuRfg2EPh3EPIR_401oZV-q7DL2c5Qz9SgbC_AIBHWqOafbCMYHiyuq6xilgUfe1Nb6ECrQoQdk3IrT0aXP7xk6k7F_He5QnJ6mTEbCJ2mgrxPtGZYph62D2P3Qge78pqf6qfAc-68CnX8NvOYfKrsRGzGT6hEYK9XELWU-m-ovub3PyIfi8W63EgXG57LjnU_LFBS6Wkbd6yy9fXbfFz5Ta9CWksfEC-6VoDqpyfQOlMijp3x6hOSN2vw1eaeFgxKu0F2uXHKmocxV09S-XWlWrxkiPmZgDSiHaDbDxBXcx0n-bEh4Tp6HOANOT9KQxQD9cTIkIAxPCJa0HDIDWq2G7HpdWHAbu-T6ki6fTydS-KvH3bq9zqveCBhNbBk2qoUTBYXyP1Z3BXIH1nqztpRJuqYbRHKT16BTMKpnnx3vpPzHrlSf_F6ZWjnHOWw1WHFn6yNbgk4qBGNvMDU-wVheYP1xBFO2u8R1Fr6snHFv-X4jXCVSUgjce9DI8SVIXcv_NfW3RJ7VQhdFiZVxglfmAG6aOmZgd708xqWySlB5Zh9oxMy7hoeCinsGg7oFO8t_rzO8NrP4qbNyczKp2oxG6JDxZV1Xupuewsdv5RMb5DMke0zDkuKD4N8YBhe7LVYveKSNpUm5454qokmQKJRKRyRWD1hOPoQAE22fBKhO_eq77hqnSdEaRpnASd2fWxHjdi0I_jFfhMdea92DdyMTCcypTqt98WabeDi218F8bBxnyfnNvJ610alovryYb_rWvisEGze6cQTq8Lv0Qrso4FXc3OVhyezhplNhz4N5ba__wmXuRvkQs0Dw7hiobqSaRWwojTn7lwzrzaC2k1V90F7k_wilhXyRgrhDMhuu3Y0xZp4xsoPmXFdUr8RzIgXkxVR3FM0UK1tT9SGkPMSmN2EbUZWNNlkBFFGkzfqJkbgJdU-9Y-8DpZtFJTXAmBAdwI0fj-20ka499ceIphmgxhHFlS3BPdOgXOSyYMR_UBVvBPV_J55CBWPfeIa6dTrX3SD2b_lpxyqnNL90JWK9BfXWlBx6GI-jNj38iZ6tfucHpfgHJLMQ17ocnmUMcvMqbsd7GrVAFKEpj3nVPnW1e3Hr_TBffwppO5fn39lLYmCOP0Ivf3qU6fkV40H_D44DnAHl884Zn-d3iJgwth0q1z8V2-_U54BwY&sai=AMfl-YQHSEpwLLzhuepKDa1-vWB8HqHUym913LjDmMLzKlITX67lyFa-5PxfKaCJHkrU3ueWm_EboTghCcDybAR-r4lNOK0ZSpQjn5ZVo6tTdBNcNo0KXvU6sjtJ4NSlDxBM-rWFCf7NQNFTUogVQ0E1T2EpKtaC0Ut0NSeXRnHC6o-mkoCe1rlqQtHIkiiphfoT1QYY57tWbefxBnMFp37dHcbGzBJyPAMRiqBfMgMjbX7yOv1_H_FxF2MyKlqWH6ooTDG4zs2qo6CNaMfv2vQgpK45XqZ-&sig=Cg0ArKJSzE2TklqhWWypEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=298&cbvp=1&cstd=294&cisv=r20230131.58972&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 02 Feb 2023 19:15:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 02 Feb 2023 19:15:23 GMT
4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
pagead2.googlesyndication.com/bg/ Frame 85C7 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 05:31:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
49435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14278
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Feb 2024 05:31:28 GMT
async_usersync
ib.adnxs.com/ Frame 387F 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:23 GMT
AN-X-Request-Uuid
ad980f08-99d9-4be0-8128-7ac0fe474ea5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
194.34.134.148; 194.34.134.148; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7EA0 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 19:15:23 GMT
AN-X-Request-Uuid
537d1872-6d2b-42ef-b55c-07c01c0a4330
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
194.34.134.148; 194.34.134.148; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 41B8 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/dac945fd/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
X-Goog-Request-Time
1675365323426
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/pL2fbFuYs3o?playlist=Y3s2I-Wba9M,qqquCQAwX7Y,uaPMn28AGhw,iTwylmWhJv8,9dVvqU2TBts,4KxBvWbSo4M,PP_1HVcEsLQ,gKRNnsDJXxw,hnOCTZdDflE
X-YouTube-Client-Version
1.20230129.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtVOWhlcGZOZ056QSjIl_CeBg%3D%3D
X-YouTube-Ad-Signals
dt=1675365320774&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C960%2C506&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 02 Feb 2023 19:15:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Thu, 02 Feb 2023 19:15:23 GMT
banner_336x280.min.css
client.bannerspace.net/111331/ Frame 8CF8 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client.bannerspace.net/111331/banner_336x280.min.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18195187998165275087/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:387::21cf Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
7746bda4a3c54e2d545c8220e62513d4b29bf563ebb871f914d191896ed227a1
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Feb 2023 19:15:23 GMT
last-modified
Tue, 06 Dec 2022 13:04:29 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
1465
expires
Thu, 02 Feb 2023 19:45:23 GMT
royal_dutch_airlines.svg
client.bannerspace.net/111331/ Frame 8CF8 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.bannerspace.net/111331/royal_dutch_airlines.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18195187998165275087/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:387::21cf Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
491f5a65122be3ff1bd69af98a22bdcb58aa84dae4a95ade02f2fa84bf2fd7b5
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Feb 2023 19:15:23 GMT
last-modified
Tue, 06 Dec 2022 13:04:29 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
1842
expires
Thu, 02 Feb 2023 19:45:23 GMT
winglogo.svg
client.bannerspace.net/111331/ Frame 8CF8 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.bannerspace.net/111331/winglogo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18195187998165275087/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:387::21cf Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
b6b92d26d6a88377497bc54d5cbcd48567f8d6f01a3d4dad8defa4505ba9254a
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Feb 2023 19:15:23 GMT
last-modified
Tue, 06 Dec 2022 13:04:29 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
1884
expires
Thu, 02 Feb 2023 19:45:23 GMT
TimelineLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 8CF8 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TimelineLite.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18195187998165275087/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74e018b7e6c3b5cc0e0cc790f256033b97b3783c5853529bc6101b6a7ed23159
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4928749
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3706
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-3026"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qglbras5d7ewk96JhrXD%2FzFnvOe9A%2FWuMETXbXhZ8%2BGUJ%2FXuMvB6hJAiU4FICGKmu21UInNMWlkyHuTJksq9DSQtKZUQf1Ylv0CIy1BCb7d0KAHiHlvLSFNA67F4E3BVwV2fCLwlBec2lMAn7Z3NxlzR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7935415a7c3c3766-HEL
expires
Tue, 23 Jan 2024 19:15:23 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 8CF8 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18195187998165275087/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1173626
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8578
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-697f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOWslffK%2BbeZ3Jpw%2ByTfY9rn804YUExRukGoxh%2B9crjqk6tTxa2tj1DEHZn3rjblLBNwsm6CfckrjYVRzaeVx%2F6t68p8dh3L%2FjjNJYYqp8r0Up3vGsrnWQPE0QkSPWxmYPIrpFYpeh1M2aPtVrMSxszq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7935415a7c3e3766-HEL
expires
Tue, 23 Jan 2024 19:15:23 GMT
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame 8CF8 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18195187998165275087/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6212339
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13669
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-9833"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0muoItGjeHLpj1ggM6q%2B96JY85zGLVjpNVRMEyH5A8ExoALM4tYBWwjPiU3CqvI1vfyS%2Bv6zGo97R4Jj9DpHs6j8GjCnVdACRkE5NGXc7E2EJTU3F5vTXbCg9tws2wyKpDkN%2F21UKKMqM2rxRrVYXZAf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7935415a7c403766-HEL
expires
Tue, 23 Jan 2024 19:15:23 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame 8CF8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18195187998165275087/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
17703977
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1730
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-146f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alXprEIsyfersQA2LTqCzE4uUvIjNA5VBJaAp1ZeycpmZYK8UYWjYbiUb7ysTLh5yU39a3EblTxB6z%2BK0e9%2Bs9R2LOCcIDj1k0Jkda3A4OuVtvJkXwunDGQ9OoeOkuI3lqARHdN2Se7cC2RQm2lOnw98"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7935415a7c3f3766-HEL
expires
Tue, 23 Jan 2024 19:15:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 85C7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B76YvygvcY5CTNbaA9u8P5OC_CAAAAAA4AeAEAg&bg=!AgGlAUXNAAaq5O5FiuQ7ACkAdvg8WiPEfRMHGZz8JnsUPV6_eX3hn8awzHN6lJuWP8ijAfbLWcqXcwIAAABoUgAAAANoAQeZAvJAPOUHdYIadG1ftl40h-7EsST4XayvTITqfPmzAkV-HCc6L304cWTvjgjRL1tCNftTd__NInVGSn7ZrWliYsNNQGqeNyMfBFr-got9sw3dfU_ZXxsojnHPqp2jqS0QqLmR_XXoWBtqdAdejeZgs_wPn6vhubaNyh6UA67TBJz8FALFXuH1ZQbjjak91sYFikYiWejdBvRFYU8oBdNldN1MoCwrqiQO6B5RuHz73PmpbetOVl6txk2dzus_obSU-2TyusUzATqzxyenlfnwL1_ciGFkXN_jHV-Sk924VsWTq9TKMmEpDIhaOy_cULwDMl3usYiFHkoIk_0VOwwstw4X24DeOBwot4GV9QjFwa2XzE_KZ3gak0wpwyYH_ZVTVqqFNnr0739vLwVdQ6-Qi8EkDPW-GJFRRNGdPm9Zea6_hRJNBjUWumH-V_BLVm2mWNIaJivwufLX5x6dXJFrd40TIY_yYXSgqZmxVzUG19K0MjThbZzsy4k7RBO_HDaYc3uDiMKQNAuw3iDsV_4Fm-nSSWHhplyYRMaysHXAz9vFaNZqxoZmqAxtMaQNVswyaVamjAerwIjbmvKN__cDLty7JtnttVIDtHeCA3xbvxe85Gf8fZa-eUhWnNbQ9dA5MbStOBoEEUvImV-EPpSENzbJze4PLv39W5xks4D4p5vxEXR7T4efYWqiyxj9QYcfSyk67UYMP1A2fWldGxQjwMIQMZ_dhyRmehT_LgF2HwV2F1BoEmnhGMvM2oCkDO6tMXv8sC0SEneR2i2EAtNRc1Drd5ijDw0mqyezy7QDHHAFuIS91RcP6BogoILkxD_T4lI-Nz2AWxrkcWMUkc_CQ-UAYjht_tlFocpo6ioYconYLZ17lsJhHmFeb-MDtwquh7Rka8MIgHTHPT_q5wauPme0n8grP7vaTRHphntHAtlrSiCfwram_9ThhjOgrVHFi_SLKU8BjrjRhMqOESryWtF46R7S6TG_63h9Whs3ODJZ0lRh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8513483021683571&output=html&h=280&adk=3468393327&adf=996195446&pi=t.aa~a.2799453629~i.11~rp.4&w=667&fwrn=4&fwrnh=100&lmt=1675365321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8529604295&ad_type=text_image&format=667x280&url=https%3A%2F%2F9to5google.com%2F2023%2F01%2F30%2Fgoogle-fi-data-breach-tmobile%2F&fwr=0&pra=3&rh=167&rw=667&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675365321053&bpp=1&bdt=1614&idt=1&shv=r20230131&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23b914150dc77259-22939d0f84db00d5%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA&gpic=UID%3D00000bae3064a51a%3AT%3D1675365320%3ART%3D1675365320%3AS%3DALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ&prev_fmts=0x0%2C336x280&nras=2&correlator=5406572892927&frm=20&pv=1&ga_vid=602077083.1675365321&ga_sid=1675365321&ga_hid=296853756&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=2220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071662&oid=2&pvsid=2428549485718897&tmod=219427400&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WWi1E7ZzmY&p=https%3A//9to5google.com&dtd=249
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ctaarrow.svg
client.bannerspace.net/111331/ Frame 8CF8 		274 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.bannerspace.net/111331/ctaarrow.svg
Requested by
Host: client.bannerspace.net
URL: https://client.bannerspace.net/111331/banner_336x280.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:387::21cf Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
99163961fd831f483e9837c9ce73d878cdbff470c6cc606cd919cd86c683a8ef
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://client.bannerspace.net/111331/banner_336x280.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Feb 2023 19:15:23 GMT
last-modified
Tue, 06 Dec 2022 13:04:29 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
210
expires
Thu, 02 Feb 2023 19:45:23 GMT
NoaLTStd-Regular.woff
client.bannerspace.net/111331/ Frame 8CF8 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://client.bannerspace.net/111331/NoaLTStd-Regular.woff
Requested by
Host: client.bannerspace.net
URL: https://client.bannerspace.net/111331/banner_336x280.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:387::21cf Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
c36d7baf0ca32ebdb9f04499a2e27b7110d0c486397412b53b98c1f0dc1d10fe
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

Referer
https://client.bannerspace.net/111331/banner_336x280.min.css
Origin
https://s0.2mdn.net
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
date
Thu, 02 Feb 2023 19:15:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Dec 2022 13:04:29 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
23664
expires
Thu, 02 Feb 2023 19:45:24 GMT
wl
t.pubmatic.com/ 		17 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161751
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:24 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://9to5google.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 82C3 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGbZugkBkodsRB1tsgbVRoE9QxJ2mdzSxJV8HY7D_LyuJ4o4okZdCQbWN3k5XnwIIeoNyFykpj2htvJ6LLP-qRfyMsDS3h9MgVYWEjpfHzoK9QueyyqUqSF5Hk6ugvb_0-7B551g&sai=AMfl-YSxO2768A1KhZ3_dI80mbMWH9QgDDoZzJGBZYXVTLINU3V2T0qRAQwaPV2o29oiFynfSwGVCXXWeOYHlXGn271Fxvp5DMs4ZlVBgtDnLt1YZKq4cjOgxzgIFGk&sig=Cg0ArKJSzBDaDnP554TDEAE&cid=CAQSOwDUE5ymKNIh_dU6cL8X9ZFtQdcnGNQMCbX4jjcMNMPr3ugY3NFbLm0UIqms7yUi1dV2qSKap4v_2PC1GAE&id=ampim&o=315,125&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=468&tls=1468&g=100&h=100&tt=1469&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161751
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://9to5google.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:24 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://9to5google.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
feed.xml
client.bannerspace.net/113885/ Frame 8CF8 		2 KB
767 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client.bannerspace.net/113885/feed.xml?preventCache=0.7130483199717057
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18195187998165275087/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:387::21cf Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
8827969106050f6e4bdcffaf810fff3159edb7ae4fc1b49735500ec90986f6b7
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Feb 2023 19:15:24 GMT
last-modified
Thu, 02 Feb 2023 04:05:07 GMT
server
Apache
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
cache-control
no-transform, max-age=300
accept-ranges
bytes
content-length
542
expires
Thu, 02 Feb 2023 19:20:24 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CA3F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuGcLvFSPnUD8YFafbFU3SmuazwxCRnvM58BKQ1Bb7pDgHA1ljUmxvJ-GcX8jkk7VCiuIAmnKhaqcgC9rqA3x1Q1bzrCnUJev0w5S0605OjU0RYJFFyftTIJiIvBLrqj_kzjF4VcNLFV583WYs0nhftkHh0zCXb2m6MuRfg2EPh3EPIR_401oZV-q7DL2c5Qz9SgbC_AIBHWqOafbCMYHiyuq6xilgUfe1Nb6ECrQoQdk3IrT0aXP7xk6k7F_He5QnJ6mTEbCJ2mgrxPtGZYph62D2P3Qge78pqf6qfAc-68CnX8NvOYfKrsRGzGT6hEYK9XELWU-m-ovub3PyIfi8W63EgXG57LjnU_LFBS6Wkbd6yy9fXbfFz5Ta9CWksfEC-6VoDqpyfQOlMijp3x6hOSN2vw1eaeFgxKu0F2uXHKmocxV09S-XWlWrxkiPmZgDSiHaDbDxBXcx0n-bEh4Tp6HOANOT9KQxQD9cTIkIAxPCJa0HDIDWq2G7HpdWHAbu-T6ki6fTydS-KvH3bq9zqveCBhNbBk2qoUTBYXyP1Z3BXIH1nqztpRJuqYbRHKT16BTMKpnnx3vpPzHrlSf_F6ZWjnHOWw1WHFn6yNbgk4qBGNvMDU-wVheYP1xBFO2u8R1Fr6snHFv-X4jXCVSUgjce9DI8SVIXcv_NfW3RJ7VQhdFiZVxglfmAG6aOmZgd708xqWySlB5Zh9oxMy7hoeCinsGg7oFO8t_rzO8NrP4qbNyczKp2oxG6JDxZV1Xupuewsdv5RMb5DMke0zDkuKD4N8YBhe7LVYveKSNpUm5454qokmQKJRKRyRWD1hOPoQAE22fBKhO_eq77hqnSdEaRpnASd2fWxHjdi0I_jFfhMdea92DdyMTCcypTqt98WabeDi218F8bBxnyfnNvJ610alovryYb_rWvisEGze6cQTq8Lv0Qrso4FXc3OVhyezhplNhz4N5ba__wmXuRvkQs0Dw7hiobqSaRWwojTn7lwzrzaC2k1V90F7k_wilhXyRgrhDMhuu3Y0xZp4xsoPmXFdUr8RzIgXkxVR3FM0UK1tT9SGkPMSmN2EbUZWNNlkBFFGkzfqJkbgJdU-9Y-8DpZtFJTXAmBAdwI0fj-20ka499ceIphmgxhHFlS3BPdOgXOSyYMR_UBVvBPV_J55CBWPfeIa6dTrX3SD2b_lpxyqnNL90JWK9BfXWlBx6GI-jNj38iZ6tfucHpfgHJLMQ17ocnmUMcvMqbsd7GrVAFKEpj3nVPnW1e3Hr_TBffwppO5fn39lLYmCOP0Ivf3qU6fkV40H_D44DnAHl884Zn-d3iJgwth0q1z8V2-_U54BwY&sai=AMfl-YQHSEpwLLzhuepKDa1-vWB8HqHUym913LjDmMLzKlITX67lyFa-5PxfKaCJHkrU3ueWm_EboTghCcDybAR-r4lNOK0ZSpQjn5ZVo6tTdBNcNo0KXvU6sjtJ4NSlDxBM-rWFCf7NQNFTUogVQ0E1T2EpKtaC0Ut0NSeXRnHC6o-mkoCe1rlqQtHIkiiphfoT1QYY57tWbefxBnMFp37dHcbGzBJyPAMRiqBfMgMjbX7yOv1_H_FxF2MyKlqWH6ooTDG4zs2qo6CNaMfv2vQgpK45XqZ-&sig=Cg0ArKJSzE2TklqhWWypEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1303&vt=11&dtpt=1005&dett=3&cstd=294&cisv=r20230131.58972&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: 9to5google.com
URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 02 Feb 2023 19:15:24 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230131&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8513483021683571&plah=9to5google.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b08d682636e3f50b9def7923f3fd3bfcacb34e301d1c22b094f02b3acff9a62c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10991
x-xss-protection
0
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/20278522/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.225.78.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 18:50:19 GMT
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
1505
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
w8ong19IGfHIrUA3W2vDMmSYzWEAFGadfTrL6znL4CwbZYTZUKvEWg==

Redirect headers

location
/internal-c2/default/cs.js
date
Thu, 02 Feb 2023 19:15:24 GMT
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
0
x-amz-cf-id
CSvwThP8LhHMhVAwSqynF2zQvUbhi-Cr5l4MkDSi57G5fOm5UPr5Ng==
x-cache
Miss from cloudfront
engine.min.js
client.bannerspace.net/111331/ Frame 8CF8 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.bannerspace.net/111331/engine.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18195187998165275087/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:387::21cf Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
659c61412cd3c5142dbd5a95d8f5f9a1aab931e4a2016694a8b14ee99e2d14f7
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Feb 2023 19:15:24 GMT
last-modified
Tue, 06 Dec 2022 13:04:29 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
3079
expires
Thu, 02 Feb 2023 19:45:24 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 620B 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=161751&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
royal_dutch_airlines.svg
client.bannerspace.net/111331/ Frame 8CF8 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.bannerspace.net/111331/royal_dutch_airlines.svg
Requested by
Host: client.bannerspace.net
URL: https://client.bannerspace.net/111331/engine.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:387::21cf Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
491f5a65122be3ff1bd69af98a22bdcb58aa84dae4a95ade02f2fa84bf2fd7b5
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Feb 2023 19:15:24 GMT
last-modified
Tue, 06 Dec 2022 13:04:29 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
1842
expires
Thu, 02 Feb 2023 19:45:24 GMT
winglogo.svg
client.bannerspace.net/111331/ Frame 8CF8 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.bannerspace.net/111331/winglogo.svg
Requested by
Host: client.bannerspace.net
URL: https://client.bannerspace.net/111331/engine.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:387::21cf Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
b6b92d26d6a88377497bc54d5cbcd48567f8d6f01a3d4dad8defa4505ba9254a
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Feb 2023 19:15:24 GMT
last-modified
Tue, 06 Dec 2022 13:04:29 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
1884
expires
Thu, 02 Feb 2023 19:45:24 GMT
NoaLTStd-Light.woff
client.bannerspace.net/111331/ Frame 8CF8 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://client.bannerspace.net/111331/NoaLTStd-Light.woff
Requested by
Host: client.bannerspace.net
URL: https://client.bannerspace.net/111331/banner_336x280.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:387::21cf Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
7f7d0faa4fd64ad50d60bf04c073f660a012ee6bc551a2cda239ec5048218ea8
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

Referer
https://client.bannerspace.net/111331/banner_336x280.min.css
Origin
https://s0.2mdn.net
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
date
Thu, 02 Feb 2023 19:15:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Dec 2022 13:04:29 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
23972
expires
Thu, 02 Feb 2023 19:45:24 GMT
336x280_1x1_transparent.png
client.bannerspace.net/111331/ Frame 8CF8 		120 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.bannerspace.net/111331/336x280_1x1_transparent.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:387::21cf Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
date
Thu, 02 Feb 2023 19:15:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Dec 2022 13:51:25 GMT
server
Apache
content-type
image/png
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
120
expires
Thu, 02 Feb 2023 19:45:24 GMT
336x280_std_RDD_Beach_2.jpg
client.bannerspace.net/111331/ Frame 8CF8 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.bannerspace.net/111331/336x280_std_RDD_Beach_2.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:387::21cf Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
5b49db0f4c95c9e2039be4ab97352ca6103e304924dfb32ee540732d12e62dc3
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
date
Thu, 02 Feb 2023 19:15:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Dec 2022 13:04:37 GMT
server
Apache
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
111700
expires
Thu, 02 Feb 2023 19:45:24 GMT
336x280_std_AMS.jpg
client.bannerspace.net/111331/ Frame 8CF8 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.bannerspace.net/111331/336x280_std_AMS.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:387::21cf Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
7931a06a6a8edf1a1fecbde76e449c7e5d27ec3cfad645e4f8d3e4b37da8aad7
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
date
Thu, 02 Feb 2023 19:15:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Dec 2022 13:04:29 GMT
server
Apache
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
31819
expires
Thu, 02 Feb 2023 19:45:24 GMT
336x280_std_CPT.jpg
client.bannerspace.net/111331/ Frame 8CF8 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.bannerspace.net/111331/336x280_std_CPT.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:387::21cf Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
26bf4c9657e6c38989e34f412d76de27ded5c6bb9d89a412f324f7a6bd68379b
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
date
Thu, 02 Feb 2023 19:15:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Dec 2022 13:04:33 GMT
server
Apache
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
21177
expires
Thu, 02 Feb 2023 19:45:24 GMT
336x280_std_AUA.jpg
client.bannerspace.net/111331/ Frame 8CF8 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.bannerspace.net/111331/336x280_std_AUA.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:387::21cf Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
143901963ea332e41f5090417f12aaca5ba56ea7b8d3d659b504b807d3c97acb
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
date
Thu, 02 Feb 2023 19:15:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Dec 2022 13:04:33 GMT
server
Apache
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-transform, max-age=1800
accept-ranges
bytes
content-length
36914
expires
Thu, 02 Feb 2023 19:45:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8513483021683571&plah=9to5google.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Feb 2023 19:15:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BB9D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9to5google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
age
79
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 19:14:05 GMT
expires
Fri, 02 Feb 2024 19:14:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B337 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ec79b9c3e6dfd082c670ef79c928b52b7bc895665e93d9d2d32d591370224ce0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1WlKw9ul1SBG8iNwwZHRbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://9to5google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-1WlKw9ul1SBG8iNwwZHRbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 19:15:24 GMT
expires
Thu, 02 Feb 2023 19:15:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
pagead2.googlesyndication.com/bg/ Frame BB9D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 05:31:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
49436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14278
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Feb 2024 05:31:28 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B337 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230131&jk=2428549485718897&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame BB9D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?iuvObw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 14D3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60919684&p=161751&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e65e3fefb29c42a7a456f6c69617852af8dffc3723817787cb57f7d85d98cc0d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 02 Feb 2023 19:15:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 93CF 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3883BA43-0F03-41DD-930F-D0B82E6F9611&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 02 Feb 2023 19:15:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
BNFDCD3EKPRW2BVRRBXS
Pug
simage2.pubmatic.com/AdServer/ Frame A9A4
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7195639279748053147&gdpr=0&gdpr_consent=
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7195639279748053147&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 02 Feb 2023 19:15:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 02 Feb 2023 19:15:25 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7195639279748053147&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 2699
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=XfmeCcReQqx0ai5eOx9bDcIihpQ&gdpr=0&gdpr_consent=
42 B
374 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=XfmeCcReQqx0ai5eOx9bDcIihpQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 02 Feb 2023 19:15:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Feb 2023 19:15:25 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=XfmeCcReQqx0ai5eOx9bDcIihpQ&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 1768
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9wLzQAAATZt_wAF&gdpr=1&gdpr_consent=&_test=Y9wLzQAAATZt_wAF
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9wLzQAAATZt_wAF&gdpr=1&gdpr_consent=&_test=Y9wLzQAAATZt_wAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 02 Feb 2023 19:15:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 02 Feb 2023 19:15:25 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9wLzQAAATZt_wAF&gdpr=1&gdpr_consent=&_test=Y9wLzQAAATZt_wAF
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220070-HHN
x-timer
S1675365326.506907,VS0,VE0
info2
uipglob.semasio.net/pubmatic/1/ Frame 14D3
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3883BA43-0F03-41DD-930F-D0B82E6F9611&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3883BA43-0F03-41DD-930F-D0B82E6F9611&sInitiator=external&gdpr=0&gdpr_consent=
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3883BA43-0F03-41DD-930F-D0B82E6F9611&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:29 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:29 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=3883BA43-0F03-41DD-930F-D0B82E6F9611&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 14D3 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=3883BA43-0F03-41DD-930F-D0B82E6F9611
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
793541634f90fe4c-HEL
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 14D3
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=3883BA43-0F03-41DD-930F-D0B82E6F9611
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
52.20.193.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-193-33.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 19:15:25 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 02 Feb 2023 19:15:25 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
cr
cr.frontend.weborama.fr/ Frame 14D3
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3667257824
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3667257824
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:24 GMT
via
1.1 google
last-modified
Thu, 02 Feb 2023 19:15:25 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:24 GMT
via
1.1 google
last-modified
Thu, 02 Feb 2023 19:15:25 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3667257824
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 14D3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433826301371471&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=04014986-0eba-466a-aff0-c516ed5a13ef&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=04014986-0eba-466a-aff0-c516ed5a13ef&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 02 Feb 2023 19:15:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=04014986-0eba-466a-aff0-c516ed5a13ef&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 02 Feb 2023 19:15:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
3883BA43-0F03-41DD-930F-D0B82E6F9611
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 14D3 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3883BA43-0F03-41DD-930F-D0B82E6F9611?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 14D3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3883BA43-0F03-41DD-930F-D0B82E6F9611&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-kG7DhvdE2uXA5q0F9dc153edlXE4QiM-~A&gdpr=0
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-kG7DhvdE2uXA5q0F9dc153edlXE4QiM-~A&gdpr=0
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-kG7DhvdE2uXA5q0F9dc153edlXE4QiM-~A&gdpr=0
date
Thu, 02 Feb 2023 19:15:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame 14D3 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3883BA43-0F03-41DD-930F-D0B82E6F9611&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:25 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 14D3 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 02 Feb 2023 19:15:24 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 14D3
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9234bece-ce30-4f4d-85d0-d09cadab0186&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9234bece-ce30-4f4d-85d0-d09cadab0186&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 02 Feb 2023 19:15:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9234bece-ce30-4f4d-85d0-d09cadab0186&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 02 Feb 2023 19:15:25 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA3F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=63735465234&version=m202301230201&ct=76&x=1&cor=7480204375397119000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 19:15:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230131&jk=2428549485718897&bg=!_P-l_7vNAAaq5O5FiuQ7ACkAdvg8WnzaDnskQ2ngE1DkbDuJBuC_-mytwKG9l8Xxflo2hqXjNl-lGAIAAABkUgAAAARoAQeZApwPX217JIg2AJFZFOr-Hm04FsHZxZ3v0DOi1A2viXk-5Ikr8Ydk5F8mdeyY11AjInyaWlgXkiSHee003aOf_yz4rnp_Jw0cCLezgCBwC2hrlpQlROXxxSkLLtSx6_ysA_LLxG6t3ZC9yPDcXgJTC-_FJ5uEkKbPb-6ViMuIrzxJMilvhsYMC7KE6kcSOx9-bkT2_pGWPSkFOKiGG6EWekITQKnzNSoOQcnSHwV1SdpPQvtWgnjFJC-mvplCCg4PMlBa1r3a4H6qFI5BfohDbBJtVfKULFoVPJ4CRyxnHvVw3Eq-pvyamMXyH9TrfTH_EywHd5kGJ9TZ1N3St51yjde4KUDXwJoWVVI64lf6pQAazCjQEHk__8N_VIwP303oGvo2siE6CPyxmGLpeQqkb8p0ImP6oIVtEB62CTdwkFpJ0ILL1ZFBmmMCqm0pzLt5ktUaR0bSJj_v3ssLH7IqOIEiemGVast0H4CkT-ed3kx98yVTgJxLwdtj4wrvl3hBfpmi79ntf95Ms_1KkmweNuiTaR3guOu5hRb6Ney7v2IFQ-PD_bJ1ikDEbLPv2o4VhR-o4ZYzUw52uepQT4xaSiU7VEJeJzhrCWBRtIQNd-Xn9TU87K8tc1-tIH_lElUK6A_bN5QU3j1SW5pGTm3rB7pTFrHnZcS7jU3hS_BiTgq2mjJzX1N1IsamoX5OvKaG6Komci-F7w7LHiBHBZz7xZJAxN1LVk8f76xLi6gaMbJLckL1E-sg_0OqtGjPpmx9V89mHa1x7fcJ9887wtfDl7fZFnih45WmufJB9ezp9bMFEwQhbMQTWK7QTjMfyu27MgGy-N6uKgV_7F2IcHqXe9LSNjVDhFZdKdH6goJ1UtUWUtOaenytsASfkIHEFg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://9to5google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
SPug
simage4.pubmatic.com/AdServer/ Frame 14D3 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=161751&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:15:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| oncontentvisibilityautostatechange object| dataLayer boolean| canRunAds object| _wpemojiSettings undefined| $ function| jQuery object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl boolean| __bt_already_invoked object| __bt object| PWT object| googletag object| apstag object| adsbygoogle object| nineto5ads object| ninetofiveInfiniteScroll object| Scroll object| options object| _wpmejsSettings object| globalJSVars object| PushUpNotificationSettings object| Modernizr function| svg4everybody object| Mustache function| picturefill function| skipLinks function| tabLinks function| windowSize object| PushUpNotifications object| addComment function| stickybits object| mejsL10n object| twemoji object| wp object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| secondaryMapping object| adslot number| nextSlotId function| generateNextSlotName function| loadAds object| _stq function| vglnk function| st_go function| linktracker_init object| wpcom boolean| apstagLOADED object| apscustom object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| mnet object| ucTag object| OWT object| google_tag_manager boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16753653204466 undefined| vglnk_16753653204477 object| _qevents string| GoogleAnalyticsObject function| ga object| __OW_CONFIG__ object| webpackChunk_spotim_launcher object| TQ object| __SPOTIM__ object| __OPEN_WEB__ function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| onYouTubeIframeAPIReady function| quantserve function| __qc object| ezt object| _qoptions object| gaplugins undefined| vglnk_16753653208149 object| process object| regeneratorRuntime object| SPOTIM string| __OW_ENV__ string| __SPOTIMENV__ string| __SPOTIM_PAGE_VIEW_ID__ function| __475an521in8a__ object| googlefc object| msgData function| __an6na521li18__ string| MTYxNzg0Mzc2MjNiYzYxY2xvYWRlcl9qcw== object| MTYxNzg0Mzc2MjNiYzYxY2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| gaData function| owActionQueue object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms

85 Cookies

Domain/Path Name / Value
.buff.ly/ Name: _bit
Value: n12jfi-c250bb54f6b12e1688-00j
.youtube.com/ Name: YSC
Value: ZulhXCHYuZs
.youtube.com/ Name: DEVICE_INFO
Value: ChxOekU1TlRZek9USTJNREkzT0RnNU16ZzRNZz09EMiX8J4GGMiX8J4G
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: U9hepfNgNzA
.9to5google.com/ Name: _ga_D2FJXCHD85
Value: GS1.1.1675365320.1.0.1675365320.0.0.0
.9to5google.com/ Name: __gpi
Value: UID=00000bae3064a51a:T=1675365320:RT=1675365320:S=ALNI_Mb6O1J15oABt2LIV6-bbJD0G9kSUQ
.scorecardresearch.com/ Name: UID
Value: 141e3f42ddbe795771553671675365320
.quantserve.com/ Name: mc
Value: 63dc0bc9-1bfac-d4e4d-29f9e
.spot.im/ Name: device_uuid
Value: 7f457bdf-2457-43f7-84fd-54321dcc44e5
.9to5google.com/ Name: __qca
Value: P0-183991031-1675365320782
.9to5google.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.9to5google.com/ Name: _ga
Value: GA1.2.602077083.1675365321
.9to5google.com/ Name: _gid
Value: GA1.2.1048564033.1675365321
.9to5google.com/ Name: _gat_UA-23224427-1
Value: 1
.adnxs.com/ Name: icu
Value: ChgIyphIEAoYASABKAEwyZfwngY4AUABSAEQyZfwngYYAA..
.adnxs.com/ Name: uuid2
Value: 4320526026636815619
.rubiconproject.com/ Name: khaos
Value: LDNH97L7-1N-3FHK
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qquiu3yoXhF+5HNGL+qfTat55ImJjlda2nygjtf6KhetcbdgbhQRJDQjigZjypNtHkiPnBiMlBpvyk5KOc6754OUb3AVebP2vM=
.9to5google.com/ Name: spotim_visitId
Value: {%22visitId%22:%227f457bdf-2457-43f7-84fd-54321dcc44e5%22%2C%22creationDate%22:%22Thu%20Feb%2002%202023%2019:15:21%20GMT+0000%20(GMT)%22%2C%22duration%22:0}
.yahoo.com/ Name: A3
Value: d=AQABBMkL3GMCEDSVFTPTJTn1YsyJFH0wEgIFEgEBAQFd3WPlYwAAAAAA_eMAAA&S=AQAAAiWR0e4RUWneWbDT5BVcFiw
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3883BA43-0F03-41DD-930F-D0B82E6F9611
.9to5google.com/ Name: __gads
Value: ID=23b914150dc77259-22939d0f84db00d5:T=1675365320:S=ALNI_MaocEW1XXQ43o52VFEKs6zkOvO4MA
.casalemedia.com/ Name: CMPS
Value: 697
.quantserve.com/ Name: d
Value: EPEBCwGZKPijAA
.de17a.com/ Name: guid
Value: 1.3663462214792805106
.fiftyt.com/ Name: fifid
Value: ed18da9b-5a54-4315-7815-2ff691c9249f
.fiftyt.com/ Name: cs
Value: MTY3NTM2NTMyMnxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fLrNJg8dZM328Y-XCYzM5sAzpw8rYB2OFO4rKCt3uZaE
.doubleclick.net/ Name: IDE
Value: AHWqTUmFr6cQZthf6qQFfU0z3iCafHd6EiPgPSYrTfT8bPJdhbkwd70ffsW4OEiBk_I
.doubleclick.net/ Name: DSID
Value: NO_DATA
.simpli.fi/ Name: suid
Value: CA153325566B498398913F2E6CCE14BE
.onaudience.com/ Name: cookie
Value: ea8ef65c3272da3a
.onaudience.com/ Name: done_redirects104
Value: 1
.fiftyt.com/ Name: fppm
Value: 20230202191522
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-VHZv7FInaLZPdGnpAyYm61YgP-tPdzLpWyD5Fjsk&KRTB&19420-VHZv7FInaLZPdGnpAyYm61YgP-tPdzLpWyD5Fjsk&KRTB&22979-VHZv7FInaLZPdGnpAyYm61YgP-tPdzLpWyD5Fjsk&KRTB&23403-VHZv7FInaLZPdGnpAyYm61YgP-tPdzLpWyD5Fjsk
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-3663462214792805106
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEGFahsTxXDrZB-VxVoJF0to&KRTB&22987-CAESEGFahsTxXDrZB-VxVoJF0to&KRTB&23025-CAESEGFahsTxXDrZB-VxVoJF0to&KRTB&23386-CAESEGFahsTxXDrZB-VxVoJF0to
.adform.net/ Name: C
Value: 1
.mathtag.com/ Name: uuid
Value: 14ca63dc-0bcb-4d00-b55d-327ab5569635
.casalemedia.com/ Name: CMID
Value: Y9wLyqTeI5eU1jeEeS8DGAAA
.casalemedia.com/ Name: CMPRO
Value: 667
.demdex.net/ Name: demdex
Value: 51713153530927698641743390543683442271
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4320526026636815619&KRTB&23339-4320526026636815619
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:a94e63dc-0bcb-4100-90f2-9df540b3008a&KRTB&16736-uid:a94e63dc-0bcb-4100-90f2-9df540b3008a&KRTB&23019-uid:a94e63dc-0bcb-4100-90f2-9df540b3008a&KRTB&23114-uid:a94e63dc-0bcb-4100-90f2-9df540b3008a
.bidr.io/ Name: bito
Value: AANaYU7HuBgAAB9G0iX3zw
.bidr.io/ Name: bitoIsSecure
Value: ok
.dpm.demdex.net/ Name: dpm
Value: 51713153530927698641743390543683442271
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$KwMdiK!]tbPl1M>e)ZlrFUfJ+tGXxpKLcYcp:zAG(F7EX8Q1bW%V(g.o^ND1'.9Om#3If)y3KL9D3I?+%C8=>>
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adform.net/ Name: uid
Value: 934466441402492417
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&2b4c7eff-a808-42ea-8d9a-f7f6d9bea8bd"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzUzNjUzMjM7MjswMjEP3H4rteJ+jf6ApIzbLl+E6cJ8/nQr623yFZxZMZjfFw==
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2943:u=1:x=1:i=1675365323:t=1675451723:v=2:sig=AQHmziCYCW_6D6-Zc2ioakqfwtQw5BJq"
.amazon-adsystem.com/ Name: ad-id
Value: AxggQn2at0gAucnZPsRwIW8
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-934466441402492417&KRTB&23263-934466441402492417
.blismedia.com/ Name: b
Value: 63DC0BCBA72134944B3D7AE1BLIS
.360yield.com/ Name: tuuid
Value: f3c1a23a-b557-4fe4-b256-4f0837165841
.360yield.com/ Name: tuuid_lu
Value: 1675365323
.pubmatic.com/ Name: SPugT
Value: 1675365324
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 161751:4
.pubmatic.com/ Name: DPSync3
Value: 1676505600%3A201_197_226_227_235_241_219_221
.pubmatic.com/ Name: SyncRTB3
Value: 1675900800%3A15_223%7C1677888000%3A203%7C1676160000%3A63%7C1676505600%3A220_233_56_3_21_251_55_8_13_71_81_54_161_7_22%7C1676592000%3A35
.analytics.yahoo.com/ Name: IDSYNC
Value: "175w~29rv:18z8~29rv"
.weborama.fr/ Name: AFFICHE_W
Value: UdtKoKi4iZ5R83
.adsby.bidtheatre.com/ Name: __kuid
Value: 9234bece-ce30-4f4d-85d0-d09cadab0186.444579325
.adfarm1.adition.com/ Name: UserID1
Value: 7195639279748053147
.zeotap.com/ Name: zc
Value: 52cec618-17bc-437b-64a7-af0a84036958
.bidswitch.net/ Name: tuuid
Value: 04014986-0eba-466a-aff0-c516ed5a13ef
.bidswitch.net/ Name: c
Value: 1675365325
.bidswitch.net/ Name: tuuid_lu
Value: 1675365325
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7195639279748053147&KRTB&23278-7195639279748053147&KRTB&23369-7195639279748053147
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y9wLzQAAATZt_wAF
.semasio.net/ Name: SEUNCY
Value: 952B1374372C02A
.audrte.com/ Name: arcki2
Value: ff24Mi9ApGlTmWu5wK2KtFcmw!20220908!1675365325650!ip#194.34.134.148
.audrte.com/ Name: arcki2_pubmatic
Value: 3883BA43-0F03-41DD-930F-D0B82E6F9611!20220908!1675365325653
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-5df99e09-c45e-42ac-746a-2e5e3b1f5b0d.gmVXbrk1myxVTozC9MWorSNCCSqVnDaSSZYBkxaI6VI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AXfmeCcReQqx0ai5eOx9bDcIihpQ.gz1JOzN9uQr8C3f4goajcqC4ASIdhPP7SQJGQipjSgA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjM2MDQ2NzQxNxTiM9SNsvT1yiwtqMy3zE0DAAjls_wlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjM2MDQ2NzQxNxTiM9SNsvT1yiwtqMy3zE0DAAjls_wlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZm5qbGZqbGRqbmoGADHcLLwQAAAA
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-XfmeCcReQqx0ai5eOx9bDcIihpQ&KRTB&23334-XfmeCcReQqx0ai5eOx9bDcIihpQ&KRTB&23417-XfmeCcReQqx0ai5eOx9bDcIihpQ&KRTB&23426-XfmeCcReQqx0ai5eOx9bDcIihpQ
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-04014986-0eba-466a-aff0-c516ed5a13ef
.pubmatic.com/ Name: PugT
Value: 1675365325

4 Console Messages

Source Level URL
Text
security error URL: https://9to5google.com/2023/01/30/google-fi-data-breach-tmobile/
Message:
Refused to execute script from 'https://api.viglink.com/api/sync.js?key=b8f771eed689587b82c4635131ce08d7' because its MIME type ('image/gif') is not executable.
other warning URL: https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=ea8ef65c3272da3a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9to5google.com
9to5mac-com.videoplayerhub.com
a.audrte.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
adservice.google.fi
ampcid.google.com
ampcid.google.ru
api-2-0.spot.im
api.btloader.com
api.viglink.com
aud.pubmatic.com
btloader.com
buff.ly
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
c9de27355b09e872903c5d451751c5c5.safeframe.googlesyndication.com
casale-match.dotomi.com
cdn.ampproject.org
cdn.indexww.com
cdn.viglink.com
cdnjs.cloudflare.com
client.bannerspace.net
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
contributor.google.com
cr.frontend.weborama.fr
d5p.de17a.com
direct-events-collector.spot.im
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i0.wp.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
jnn-pa.googleapis.com
js-sec.indexww.com
launcher.spot.im
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
nineto5mac-d.openx.net
onetag-sys.com
p.rfihub.com
p4-fl2x5jekyv4gs-gu22r3htasuh6hle-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.wp.com
pr-bh.ybp.yahoo.com
prebid.media.net
publisher-assets.spot.im
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
secure.gravatar.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static-cdn.spot.im
static.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.taboola.com
t.pubmatic.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
visitor.fiftyt.com
web.hb.ad.cpe.dotomi.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
x.bidswitch.net
104.18.33.19
13.224.189.73
13.224.189.79
13.224.195.78
13.225.78.101
13.225.78.33
13.225.78.65
13.225.87.188
130.211.23.194
135.125.160.77
141.226.228.48
141.94.171.214
142.250.180.230
142.250.184.194
142.251.208.98
142.251.39.67
151.101.65.108
151.101.66.49
172.64.151.162
172.64.154.237
176.34.141.217
178.250.0.163
178.62.202.251
18.156.0.31
18.156.195.47
185.29.132.245
185.64.189.110
185.64.189.112
185.64.189.115
185.64.189.226
185.64.189.229
185.64.190.80
185.80.39.216
192.0.66.2
192.0.76.3
192.0.77.2
193.0.160.129
198.47.127.20
2.18.235.93
2001:4860:4802:32::36
213.155.156.164
23.203.124.192
23.37.42.132
2600:9000:20eb:8200:6:44e3:f8c0:93a1
2600:9000:20eb:8a00:1b:5138:8a40:93a1
2602:803:c003:200::51
2606:4700:10::ac43:db6
2606:4700:20::681a:68b
2606:4700:20::681a:932
2606:4700:20::ac43:4513
2606:4700::6811:180e
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2006
2a00:1450:4001:812::2002
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:400d:802::200a
2a00:1450:400d:806::2001
2a00:1450:400d:806::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80e::2002
2a00:1450:400d:80e::2008
2a00:1450:400d:80e::200e
2a02:26f0:dc:387::21cf
2a02:fa8:8806:12::1400
2a02:fa8:8806:12::1460
2a04:fa87:fffe::c000:4902
2a05:d018:d29:3601:33bc:5bfc:5b60:ccd5
3.248.39.194
3.68.131.77
34.107.148.139
34.111.129.221
34.95.81.168
34.96.105.8
35.201.96.126
35.204.74.118
35.244.159.8
35.71.131.137
37.157.5.142
37.252.171.149
37.252.173.215
51.75.86.98
52.20.193.33
52.211.218.241
52.46.128.147
52.48.86.28
52.49.185.121
52.85.5.65
54.228.205.168
54.85.151.23
67.199.248.13
67.220.224.150
69.173.144.138
77.243.60.138
85.114.159.118
98.98.134.242
99.86.4.93
0025f7355e674ecc77f8ac3deb4586090ee4f1463cef7f175d9acc57b5bb0928
0276c38bdce11b6761cc269e4ad45e261b186650699db6a481c7df95173d04e9
04502778c5b4d93eb6f499b2d2173aa4d65ce81954d35db476ee2ab206f73e6b
052de6675c51ba85ae7e985de0fa1b3de9bfed30ab5f50ed1b694f1b62b2928f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
084f0e37abd4b42938b4a90d2fe4680849fe27e414dfcb985e35dc111825ce5c
0931402f65c46abd8b54c41cf4ec1b4b41f9f3480c79035cb756995bb7e3ebaf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0ee6998cd72913d2c7441cd562425c6a9d831c15469aeab2272426dd320a4a98
11a3e2f84a2f9d98bfc3a089636bc2740572f27b94ef649b6a56c6432ba5af95
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12fc078572dae33fea40addd3d4e8804da41b74ebf45e5062a333f7e033d3f87
1311b01422446f3f8971a02e418c4079487376d6477af5db8a14af3ea4696eb8
13f8cd8875ae6aaee24c8be69c7ace951a9a6cf798747b8db1ff5ce31d5f4acc
143901963ea332e41f5090417f12aaca5ba56ea7b8d3d659b504b807d3c97acb
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185b37f6935a30be6a5e613ef0f18ca43622a0a62964e1ed88f8bd96c03830d6
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ba50511d0b04dfe5ed6b50a881cd308e50ce02041e69bcc96d7d2337d108b05
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1deaa03f122134171a83e1be4317c847d083806c424b5f431ff0b1c3bb651bd6
20fe3b7758001893052f543475659ed408f077a1a756057b5f2bddb42df38053
22498fd76cf5f1a04f86afbf80d0c72cc1778ef568e609fe2803ae3031123767
24af2921054f033227accaedee53c8b9e4d099e789baf8aa227962ecf53f1afc
26bf4c9657e6c38989e34f412d76de27ded5c6bb9d89a412f324f7a6bd68379b
28069363314d1047b29df125b048596e641973c1d885b10040440de1f1a75459
28d1ce65e8581699ad8a443547cfd978b052316e77b3936c05c5ca42d57cfa44
298f632a2569a946148bf6aa47aba9d7128df5e9eef02348b50e1b2bfac3e502
2a0c76409e0c1df95cffa13f03111eb4d749077b253568060b36f81dd721f4de
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
2e4d08fe871a7738aa3b3dcb95cfbd0e071765fcc681d17e37f12cd34b443066
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
316387297b6d28573366cac3461586c82860914be2e24fa3af3c16d18b3003f9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f3e28cb913fc9229304149e55fc4cabf206f707d068f05554692f38ea2f358
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
367da94b0805fe0720fc87c6a119ffa3287883600f71fefe53284d227ac4fefe
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
3d0cb392628858977666615ad34a5e37cb52f338aafaaac8dea67f513f6b630c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dadf1550a757befbc633bf7c6e7d59ffce0bea3a45ccfa0a6e010f042e33e37
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
410a78cbd9400878e92e1f7d64d804e6fabed94b7bc7f3dd9eb19b3a89c3a2b2
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
43b4b03c4d2e960e357d3984b5e10f8a9953309ce0d6bf909c753241dee5b947
442d89f52e547c09e65138356e0500d4d34f44d43177425ba08050c0f32bd011
447d86ae49eafdf98c0b29671cc846a788222f964ff52086814a2e8614b5f17e
45c2a3fd833bbfc5a3f72f1a5f1f1d1f719f5b952684dadee92f9a7f9d5b2c34
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476fdbe987937e6426505ecbaf2454cc106ac1af2538226e56be008f5ece0105
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
491f5a65122be3ff1bd69af98a22bdcb58aa84dae4a95ade02f2fa84bf2fd7b5
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4aed1eff58f49aac71a8d4d89688a5b0af2b10b9dc19c3f2eda86f7c13dd7bea
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd88f6424353f03081832d44f36cb4a4131ee5e1be542aaf3f71cbc06a347b7
4d8d078acb2e2069da9bad4650bc6ef0ade536a34984aa86ee5026f5163a030a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
509e5acf0b7b0ec6f47344db8156e6a61efc34e1c52e6c8908495e086615003b
54d196d9255eeaa69f91a6de0dc54a128f5aab129692e0511a7b9ae340ad9084
54d6fa3b653c5e16db5247062dfcf74cd3dab4d9fccc46b737fc2b84a9da798d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59b4588816ca9e84d8033925306d2f62e55a2e9e3ca96352256c82aa06f825cd
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b49db0f4c95c9e2039be4ab97352ca6103e304924dfb32ee540732d12e62dc3
5c6014d76cf41bc1b56bfe998e818bea77d75dd36e1a1ea869d23540cbf7bf0d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d7063193d6e769104780b14db028cc0a725a4e074ffd59711fcd054c800795
637461bf36a597a7507b8007157317cabdcb50f5cef93fa6fb65d459c7b50171
659c61412cd3c5142dbd5a95d8f5f9a1aab931e4a2016694a8b14ee99e2d14f7
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
678c921ec9968495bf1bf8f9fe1a356c0293569814bcd9d8a837423a35d35a6e
6ba06f8b54576d94c29f994a3f055e6545ecd70afa5db3de67b7d4be00dc184b
6c43edec8d8e4c1dc0fd7a49bc480082390ad590dd9d5ff510980ae328c9b8e0
71e98cc55f514ff03e5741761031811f4c83234b8a272ae95d2ad336b76e96a8
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74e018b7e6c3b5cc0e0cc790f256033b97b3783c5853529bc6101b6a7ed23159
753d9d078d7594492aad57f9057b17be55844f9f704e6e854322680cf0ebbe4a
769317f76d7d2670d9445ac516c6888967c310c6c4df441799946b37bf8d8af8
7746bda4a3c54e2d545c8220e62513d4b29bf563ebb871f914d191896ed227a1
7931a06a6a8edf1a1fecbde76e449c7e5d27ec3cfad645e4f8d3e4b37da8aad7
7ad50b518db2954d13ffa9ad89826c39d1ef56a2edaa020a43bad90fbbf3a700
7d107166ca632d15c63b84b8e79c75dfc9cd9619e6461b489f458180c8f4682e
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
7f7d0faa4fd64ad50d60bf04c073f660a012ee6bc551a2cda239ec5048218ea8
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80698d1f9cc6895344c4c9dc75abba4a5aa73beac1f73921a41ee1c897b8acfd
82542050d660c4a966c91b010ca530bb44ee7f51d40abaa789032ca0c943edb7
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83faa07bb12a1268896106727dd36d56d74496a6b2f79eb0c6e2d70bdd97cb14
87d200b2913e86f1402caa9485683207064daaa4ffa44edc2e91f9164e04fa38
8827969106050f6e4bdcffaf810fff3159edb7ae4fc1b49735500ec90986f6b7
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c979ed3785f184174cba3c38dd0ebbd5b244add676982d9aeafb57b3e53b1a4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ef0a9115545b0547425ced87931c7d8cfbb2f988be7c1882e83918a9181180f
90f9a59759b42823c1a345951cfa99b4eff67f2087692d975a2f2ed6ab7a7720
917049e488cd77e9ff3530f3d214b3000ce4e61f54c30aba378cd84c6e9ec098
922d909f24b185365a9d33a8cf8aea2fe72e1e9e323b07d71870a9fbba071ebb
929758e015b2e02ecdfb777c32c537e260e60ed7c7a1001df6ff77a2a44c5747
95771868d3c3f7fdc3f846678e9e005d1154dc9c85ba39ad47af8a48b81e92fc
9616a3531ab06e77e0d897c5733bbf342515cf74a95500fdd46bcb14c7b1b69a
96f3b885965ded818806762fde9e7a2dba777005f479d30a6496af7aebbd5ea5
99163961fd831f483e9837c9ce73d878cdbff470c6cc606cd919cd86c683a8ef
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b7351ebc60bac39b44ab2ae8aab65bbad91852b2e108211520b6782e1e45c3e
9baa1a890a654f704117a4dd343ba3ff313a1433488d3a39818e76ebef29185b
9d941ab98bb52ea16daa41cea3fdb27d0fd233490e208bacac0b8b1b1e588240
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9fa97e776595432f6aea07a74bb410bb746d7fd0e4e324c3717db153bf83e5a9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a03691c034b8eadcbc99e08afcd61d6ba543188acc5ca2f2093e30f981335f1d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5f4420bd9bdd09ff296d20c8cec3e451e4ada11605a6b1e01779f29bd467771
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316
ac6670e91963e7c337c31b6690debfbf9d31fdb3158070629a8e5691cce4ac61
ad246c22665c091defc9280691f3ec063b83290993994fc8a872317bfa7ca326
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b08d682636e3f50b9def7923f3fd3bfcacb34e301d1c22b094f02b3acff9a62c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
b395a9adbc18174a906ebe2c585487fc17c24c5a6976b8f4e1b67cc7cb0ba804
b6b92d26d6a88377497bc54d5cbcd48567f8d6f01a3d4dad8defa4505ba9254a
b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b
b7dc0cc49d4fb83ecb1982d12480ef700877d0afa7cff0db4224de27186f9695
b911dfc611de7826b867f58c80d68e353597f9b1a4e91a5d82251a4a8e44c3e1
baba187fae460bf41e69bd48fb62383daa8f8de919e222eab84a8efdfb534a3d
babb32c829d4a4d5af37ce9046ddfe32208265bf3726fb16e207f1de8169c09f
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c36d7baf0ca32ebdb9f04499a2e27b7110d0c486397412b53b98c1f0dc1d10fe
c60b9fdd3bf8ac55bfdbbbba6a04c732b567e6330af2ffc4e2dfe3b99341f6a4
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
c9e3a10e8206720cd958b456b2694713dcde32010af2cb3987c768ce8990395e
ca19f384fd440624d6ad3ccc21feee3aba5fc0267e3872a89f0b5093f0b6c1a0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb999c3dbc898dd0a441b8eb11bda0661bbd5d6de843eb5bae9ccefed6525dd5
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cc063466fc42fe1b789888a932cc7f3a8bdde1c2d70a8a04b4d9896975620da7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d11694cecfbc5e4bea373a6996b0b3aa5fe8177c4db76db321eafcf02b4221e5
d1c84b77733dc7ac43e71a7007b2dea57b29e7a3b86df34dfd14b833275002bf
d266f653edab118f23d71f1e2d3726cbf2e8a82faa537dab3a7edd1896b4d495
d26cf72408010e44483b8286769e5fefdb067d62753e9431af3b82a37f48917b
d320910eb20c3179d95a6110f64c2eb0c949b1cb0738d841fbe50cf3769aba15
d34c38d26434ae7eb5e6c35db3038c1365c838952713ac97d2f2f1e82f3a8750
d664a7e9ee2cbfdc6bfa6aab83535436d56886fd2f73080f82c88143ac4e9605
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d99c54706e25070dbe3551052474c0ea16b30bc5ed0cd908ae0cbbf903723706
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dc1a332ce0647cda82518800a1b603315365649019d38a2fe27d02a790066e76
dc3b5bc58070e3c92bf7c79fd751863e0eb4a3021134454adee5b414cfe91468
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
e362728fd2d538ac44515898eedba531f5307b34a3085963bd613545e9885c5b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e5958b8a9d0305d805f41bae7c315e34e46b76a1bab8f530b5cf9711a6e45862
e65e3fefb29c42a7a456f6c69617852af8dffc3723817787cb57f7d85d98cc0d
ec79b9c3e6dfd082c670ef79c928b52b7bc895665e93d9d2d32d591370224ce0
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
f2a69a76db29280ea1efc7c070e7307204598f88121b69e07c50ec8c219999d5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5c4b08e25c86c8e2155f7fb34c0213ba67d57226ddd803a486fa69f8d32ec38
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8edee7bf0e2766a48361e76b2dd3e5b43c28796e93ca46ef479e28b605a58d5
f9ab10dc550af635c4eaa5f2b1a7752621b97cfe8a5fc8657df711c8ff1adba4
fc004cd658bbfc9de2c0c6c887be9e848c8311d631057e128269c979c0ae05c4
fc8a74cc1c2bd638de7ac7e7cdb1839c18dd964fedbcf22697b882238245b97a
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
fdea712f7fa78d05c22445fca3113c61dbc4430adc496ace58a72dd601870251
fe1f6d4d5f315c6c76f7c83531880a198f90af3eae5b1f4333d047ced3083a41
fe610436d53301d249eea6064a7ef2293f677df99a007904543d1f8b2413493f